SecurityFocus

————————————————————————

WebKitGTK+ Security Advisory WSA-2018-0001
————————————————————————

Date reported : January 10, 2018
Advisory ID : WSA-2018-0001
Advisory URL : https://webkitgtk.org/security/WSA-2018-0001.html
CVE identifiers : CVE-2017-5753, CVE-2017-5715.

Several vulnerabilities were discovered in WebKitGTK+.

CVE-2017-5753
Versions affected: WebKitGTK+ before 2.18.5.
Credit to Jann Horn of Google Project Zero; and Paul Kocher in
collaboration with Daniel Genkin of University of Pennsylvania and
University of Maryland, Daniel Gruss of Graz University of
Technology, Werner Haas of Cyberus Technology, Mike Hamburg of
Rambus (Cryptography Research Division), Moritz Lipp of Graz
University of Technology, Stefan Mangard of Graz University of
Technology, Thomas Prescher of Cyberus Technology, Michael Schwarz
of Graz University of Technology, and Yuval Yarom of University of
Adelaide and Data61.
Impact: Systems with microprocessors utilizing speculative execution
and branch prediction may allow unauthorized disclosure of
information to an attacker via a side-channel analysis. This variant
of the Spectre vulnerability triggers the speculative execution by
performing a bounds-check bypass. Description: Security improvements
are included to mitigate the effects.

CVE-2017-5715
Versions affected: WebKitGTK+ before 2.18.5.
Credit to Jann Horn of Google Project Zero; and Paul Kocher in
collaboration with Daniel Genkin of University of Pennsylvania and
University of Maryland, Daniel Gruss of Graz University of
Technology, Werner Haas of Cyberus Technology, Mike Hamburg of
Rambus (Cryptography Research Division), Moritz Lipp of Graz
University of Technology, Stefan Mangard of Graz University of
Technology, Thomas Prescher of Cyberus Technology, Michael Schwarz
of Graz University of Technology, and Yuval Yarom of University of
Adelaide and Data61.
Impact: Systems with microprocessors utilizing speculative execution
and branch prediction may allow unauthorized disclosure of
information to an attacker via a side-channel analysis. This variant
of the Spectre vulnerability triggers the speculative execution by
utilizing branch target injection. Description: Security
improvements are included to mitigate the effects.

We recommend updating to the last stable version of WebKitGTK+. It is
the best way of ensuring that you are running a safe version of
WebKitGTK+. Please check our website for information about the last
stable releases.

Further information about WebKitGTK+ Security Advisories can be found
at: https://webkitgtk.org/security.html

The WebKitGTK+ team,
January 10, 2018

—–BEGIN PGP SIGNATURE—–
Comment: You can fetch my GnuPG key from http://key.neutrino.es

iQIzBAEBCgAdFiEEtdK1C8SOx/HukNmrllCJzmuV+IIFAlpWQQgACgkQllCJzmuV
+IJz4BAAgp3AXVRI4HWyMTvXxqycwBoVpzp60D6RNfTQ/ufbwjVKvO7yKrbvMzix
Vyo9kK+rwzyWsG2YHijlaZA27nX6sGYLqcJbro+gQ1EI308Z4ZSIivwdFqkipbX2
99NeGrGJOtdlsURi2N88TFja7DN6jbIv9FET2xHyfGhfGlowJRH1PHMfzmSf8rUz
NPnkYqi6kX1JMgZ+2vlHcOcHpyZsLYeqIA0J3At5qYbFULMuy2kLwv19FljUCHbj
VSVomlCz7mfjT32kb+ldmyeiUXyRGFdbDPDqBE515lAZPqaF/s3cZwC48hnhQCkh
BlzEg8qAnVaiBEqt6+N4bai+3XBrKpyHbH8RDzFgK1hC3gUHrtsIdgJO8QQgn0eD
i4PhEMoZK3cGzJM8Tbtwokl0Q/yxeu1dZzGz5nA00qE+EEVgcncRKXBr8slAN/MG
JOtkp9DUSFhTmDqltXSsyr+MIideuZB6EccNfVjaUFkuow2TfYx0uEq5gz4koIPx
s4J+FG6lS8yKIlPXJhdu8NjxApSACVarVTlbKkppNQdtQ4p0Vff0vxbuOvq0tNlu
NGfShF0a/o/95rZ+1kXPwoT/l7JPMhcfwKjDmF/ZRHRPm7tHdBudvLtox3PisEON
IemBnPw/4i0WUEG/34/C79CBa4swlGsEwTeF8MEL6b/QM3JchII=
=AMLa
—–END PGP SIGNATURE—–

[ reply ]