CVE-2017-17821
published 2017-12-21CVE-2017-17821: WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service (buffer…
PriorityP339critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
1.37%
68.5th percentile
WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because it calls the FastBitVectorWordOwner::resizeSlow function (in WTF/wtf/FastBitVector.cpp) for a purpose other than initializing a bitvector size, and resizeSlow mishandles cases where the old array length is greater than the new array length.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | safari | — | — |
| debian | webkit2gtk | < webkit2gtk 2.22.0-2 (bookworm) | webkit2gtk 2.22.0-2 (bookworm) |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv9.8CRITICAL
vendor_debian9.8LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2017-17821: webkit2gtk - WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview R...
vendor_debian·2017·CVSS 9.8
CVE-2017-17821 [CRITICAL] CVE-2017-17821: webkit2gtk - WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview R...
WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because it calls the FastBitVectorWordOwner::resizeSlow function (in WTF/wtf/FastBitVector.cpp) for a purpose other than initializing a bitvector size, and resizeSlow mishandles cases where the old array length is greater than the new array length.
Scope: local
bookworm: resolved (fixed in 2.22.0-2)
bullseye: resolved (fixed in 2.22.0-2)
forky: resolved (fixed in 2.22.0-2)
sid: resolved (fixed in 2.22.0-2)
trixie: resolved (fixed in 2.22.0-2)
GHSA
GHSA-353g-x49j-hjg7: WTF/wtf/FastBitVector
ghsa_unreviewed·2022-05-14
CVE-2017-17821 [CRITICAL] CWE-119 GHSA-353g-x49j-hjg7: WTF/wtf/FastBitVector
WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because it calls the FastBitVectorWordOwner::resizeSlow function (in WTF/wtf/FastBitVector.cpp) for a purpose other than initializing a bitvector size, and resizeSlow mishandles cases where the old array length is greater than the new array length.
OSV
CVE-2017-17821: WTF/wtf/FastBitVector
osv·2017-12-21·CVSS 9.8
CVE-2017-17821 [CRITICAL] CVE-2017-17821: WTF/wtf/FastBitVector
WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because it calls the FastBitVectorWordOwner::resizeSlow function (in WTF/wtf/FastBitVector.cpp) for a purpose other than initializing a bitvector size, and resizeSlow mishandles cases where the old array length is greater than the new array length.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://bugs.webkit.org/show_bug.cgi?id=181020https://github.com/dwfault/PoCs/blob/master/WebKit%20Misuse%20of%20WTF:wtf:FastBitVector%20result%20in%20potential%20BOF/WebKit%20Misuse%20of%20WTF:wtf:FastBitVector%20result%20in%20potential%20BOF.mdhttps://bugs.webkit.org/show_bug.cgi?id=181020https://github.com/dwfault/PoCs/blob/master/WebKit%20Misuse%20of%20WTF:wtf:FastBitVector%20result%20in%20potential%20BOF/WebKit%20Misuse%20of%20WTF:wtf:FastBitVector%20result%20in%20potential%20BOF.md
2017-12-21
Published