CVE-2021-42762: Improper Input Validation in Webkitgtk

Severity
5.3 MEDIUM (NVD)
CNA 8.8 | OSV 7.8
EPSS
0.0%
top 99.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Oct 20
Latest update: May 24

Description

BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. NOTE: this is similar to CVE-2021-41133.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Exploitability: 1.8 | Impact: 3.4

Affected Packages: 2 packages

NVD: webkitgtk/webkitgtk < 2.34.1
NVD: wpewebkit/wpe_webkit < 2.34.1

Also affects: Debian Linux 10.0, 11.0, Fedora 33, 34, 35

Vulnerability Details (3)

GHSA
GHSA-4ch5-gr7v-q6wq: BubblewrapLauncher (2022-05-24)
CVEList
CVE-2021-42762: BubblewrapLauncher (2021-10-20)
OSV
CVE-2021-42762: BubblewrapLauncher (2021-10-20)

Vendor Advisories (3)

Ubuntu
WebKitGTK vulnerabilities (2021-11-01)
Red Hat
webkitgtk: limited sandbox escape via VFS syscalls (2021-10-20)
Debian
CVE-2021-42762: webkit2gtk - BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limite... (2021)