CVE-2017-1000121
Published 2017-11-01
CVE-2017-1000121: The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process…
Priority P344 · critical · 9.8 · CVSS 3.1
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.20% (64.4th percentile)
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple products.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | webkit2gtk | < webkit2gtk 2.16.3-2 (bookworm) | webkit2gtk 2.16.3-2 (bookworm) |
| webkitgtk | webkitgtk | < 2.16.3 | 2.16.3 |
CVSS provenance
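| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| osv | | 9.8 | CRITICAL | |
| vendor_debian | | 9.8 | LOW | |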
Debian
CVE-2017-1000121: webkit2gtk - The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not pro...
vendor_debian·2017·CVSS 9.8
Scope: local
bookworm: resolved (fixed in 2.16.3-2)
bullseye: resolved (fixed in 2.16.3-2)
forky: resolved (fixed in 2.16.3-2)
sid: resolved (fixed in 2.16.3-2)
trixie: resolved (fixed in 2.16.3-2)
GHSA
GHSA-rv46-gc6r-8ffx: The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2
ghsa_unreviewed·2022-05-17
CVE-2017-1000121 [CRITICAL] CWE-190 GHSA-rv46-gc6r-8ffx: The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2
OSV
CVE-2017-1000121: The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2
osv·2017-11-01·CVSS 9.8
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
CWE
Integer Overflow or Wraparound
mitre_cwe
CWE-190: Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
Modes of Introduction:
Phase: Implementation
Note: This weakness may become security critical when determining the offset or size in behaviors such as memory allocation, copying, and concatenation.
Common Consequences:
Scope: Availability. Impact: DoS: Crash, Exit, or Restart, DoS: Resource Consumption (Memory), DoS: Instability. This weakness can generally lead to undefined behav
CWE
Improper Restriction of Operations within the Bounds of a Memory Buffer
mitre_cwe
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Background: Certain languages allow direct addressing of memory locations and do not automatically ensure that these locations are valid for the memory buffer that is being referenced.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Integrity, Confidentiality, Availability. Impact: Execute Unauthorized Code or Commands, Modify Memory. If the memory accessible by the attacker can be effec
CWE
Integer Overflow to Buffer Overflow
mitre_cwe·CVSS 8.8
[HIGH] CWE-680 Integer Overflow to Buffer Overflow
CWE-680: Integer Overflow to Buffer Overflow
The product performs a calculation to determine how much memory to allocate, but an integer overflow can occur that causes less memory to be allocated than expected, leading to a buffer overflow.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Integrity, Availability, Confidentiality. Impact: Modify Memory, DoS: Crash, Exit, or Restart, Execute Unauthorized Code or Commands.
Detection Methods:
Automated Static Analysis: Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searc
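The size calculation that CWE-680 describes, applied to sender-controlled message size metadata, shown as an unchecked sum beside a checked one. This is an added example, not WebKit's code: the header layout, `ATTACHMENT_SIZE`, `MAX_MESSAGE_SIZE` and both function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical wire header for illustration; not WebKit's actual layout. */
struct msg_header {
    uint32_t body_size;        /* payload bytes, sender-controlled */
    uint32_t attachment_count; /* attachment records, sender-controlled */
};
#define ATTACHMENT_SIZE  16u    /* assumed size of one attachment record */
#define MAX_MESSAGE_SIZE 65536u /* assumed receiver-side policy limit */

/* Unchecked pattern: 32-bit arithmetic on untrusted fields can wrap. */
uint32_t unchecked_total(const struct msg_header *h)
{
    return (uint32_t)sizeof(*h) + h->body_size
         + h->attachment_count * ATTACHMENT_SIZE;
}

/* Checked pattern: bound each field before it enters the sum.
 * Returns 0 and sets *total, or -1 if the metadata must be rejected. */
int checked_total(const uint8_t *buf, size_t received, size_t *total)
{
    struct msg_header h;
    if (received < sizeof h)
        return -1;                      /* truncated header */
    memcpy(&h, buf, sizeof h);          /* avoid unaligned access */
    size_t room = MAX_MESSAGE_SIZE - sizeof h;
    if (h.attachment_count > room / ATTACHMENT_SIZE)
        return -1;                      /* product would exceed the limit */
    size_t att = (size_t)h.attachment_count * ATTACHMENT_SIZE;
    if (h.body_size > room - att)
        return -1;                      /* sum would exceed the limit */
    size_t need = sizeof h + att + h.body_size;
    if (need > received)
        return -1;                      /* claims more than was delivered */
    *total = need;
    return 0;
}

int main(void)
{
    /* Constructed sample: fields chosen so the 32-bit sum wraps around. */
    struct msg_header bad = { 0xFFFFFFF0u, 1u };
    size_t total = 0;
    printf("unchecked total: %u\n", (unsigned)unchecked_total(&bad));
    printf("checked result: %d\n",
           checked_total((const uint8_t *)&bad, sizeof bad, &total));
    return 0;
}
```

The checked version never forms a sum or product that can exceed `MAX_MESSAGE_SIZE`, so the result cannot wrap regardless of the width of `size_t`.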
Published: 2017-11-01