Bug ID 1219113
Summary VUL-0: CVE-2024-23222: webkit2gtk3,webkitgtk: type confusion may lead to arbitrary code execution
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.6
Hardware Other
URL https://smash.suse.de/issue/391964/
OS Other
Status NEW
Severity Major
Priority P5 - None
Component Security
Assignee mlin@suse.com
Reporter smash_bz@suse.de
QA Contact security-team@suse.de
CC stoyan.manolov@suse.com
Target Milestone ---
Found By Security Response Team
Blocker --- 

A type confusion issue was addressed with improved checks. This issue is fixed
in tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and
iPadOS 16.7.5, Safari 17.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3.
Processing maliciously crafted web content may lead to arbitrary code
execution. Apple is aware of a report that this issue may have been exploited.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-23222
https://support.apple.com/en-us/HT214058
https://support.apple.com/en-us/HT214057
https://support.apple.com/en-us/HT214063
https://support.apple.com/en-us/HT214059
https://support.apple.com/en-us/HT214061
https://www.cve.org/CVERecord?id=CVE-2024-23222
https://support.apple.com/en-us/HT214055
https://support.apple.com/en-us/HT214056
https://bugzilla.redhat.com/show_bug.cgi?id=2259893

You are receiving this mail because: