In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889.
References
| Link | Resource |
|---|---|
| http://www.openwall.com/lists/oss-security/2022/01/21/2 | Mailing List Third Party Advisory |
| https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.32.3 | Exploit Third Party Advisory |
Configurations
History
05 Feb 2022, 02:22
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MLIST) http://www.openwall.com/lists/oss-security/2022/01/21/2 - Mailing List, Third Party Advisory |
21 Jan 2022, 19:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
04 Jan 2022, 19:49
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.32.3 - Exploit, Third Party Advisory | |
| CWE | CWE-401 | |
| CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.5 |
| First Time |
Webkitgtk webkitgtk
Webkitgtk |
|
| CPE | cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:* |
25 Dec 2021, 01:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2021-12-25 01:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-45481
Mitre link : CVE-2021-45481
CVE.ORG link : CVE-2021-45481
JSON object : View
Products Affected
webkitgtk
- webkitgtk
CWE
CWE-401
Missing Release of Memory after Effective Lifetime