Unrated severityNVD Advisory· Published Jul 7, 2021· Updated Aug 3, 2024

CVE-2021-21775

Description

A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage.

Affected products

105

osv-coords104 versions
pkg:rpm/almalinux/accountsservice pkg:rpm/almalinux/accountsservice-devel pkg:rpm/almalinux/accountsservice-libs pkg:rpm/almalinux/gdm pkg:rpm/almalinux/gnome-autoar pkg:rpm/almalinux/gnome-calculator pkg:rpm/almalinux/gnome-classic-session pkg:rpm/almalinux/gnome-control-center pkg:rpm/almalinux/gnome-control-center-filesystem pkg:rpm/almalinux/gnome-online-accounts pkg:rpm/almalinux/gnome-online-accounts-devel pkg:rpm/almalinux/gnome-session pkg:rpm/almalinux/gnome-session-kiosk-session pkg:rpm/almalinux/gnome-session-wayland-session pkg:rpm/almalinux/gnome-session-xsession pkg:rpm/almalinux/gnome-settings-daemon pkg:rpm/almalinux/gnome-shell pkg:rpm/almalinux/gnome-shell-extension-apps-menu pkg:rpm/almalinux/gnome-shell-extension-auto-move-windows pkg:rpm/almalinux/gnome-shell-extension-common pkg:rpm/almalinux/gnome-shell-extension-dash-to-dock pkg:rpm/almalinux/gnome-shell-extension-desktop-icons pkg:rpm/almalinux/gnome-shell-extension-disable-screenshield pkg:rpm/almalinux/gnome-shell-extension-drive-menu pkg:rpm/almalinux/gnome-shell-extension-gesture-inhibitor pkg:rpm/almalinux/gnome-shell-extension-horizontal-workspaces pkg:rpm/almalinux/gnome-shell-extension-launch-new-instance pkg:rpm/almalinux/gnome-shell-extension-native-window-placement pkg:rpm/almalinux/gnome-shell-extension-no-hot-corner pkg:rpm/almalinux/gnome-shell-extension-panel-favorites pkg:rpm/almalinux/gnome-shell-extension-places-menu pkg:rpm/almalinux/gnome-shell-extension-screenshot-window-sizer pkg:rpm/almalinux/gnome-shell-extension-systemMonitor pkg:rpm/almalinux/gnome-shell-extension-top-icons pkg:rpm/almalinux/gnome-shell-extension-updates-dialog pkg:rpm/almalinux/gnome-shell-extension-user-theme pkg:rpm/almalinux/gnome-shell-extension-window-grouper pkg:rpm/almalinux/gnome-shell-extension-window-list pkg:rpm/almalinux/gnome-shell-extension-windowsNavigator pkg:rpm/almalinux/gnome-shell-extension-workspace-indicator pkg:rpm/almalinux/gnome-software pkg:rpm/almalinux/gnome-software-devel pkg:rpm/almalinux/gsettings-desktop-schemas pkg:rpm/almalinux/gsettings-desktop-schemas-devel pkg:rpm/almalinux/gtk3 pkg:rpm/almalinux/gtk3-devel pkg:rpm/almalinux/gtk3-immodule-xim pkg:rpm/almalinux/gtk-update-icon-cache pkg:rpm/almalinux/LibRaw pkg:rpm/almalinux/LibRaw-devel pkg:rpm/almalinux/mutter pkg:rpm/almalinux/mutter-devel pkg:rpm/almalinux/vino pkg:rpm/almalinux/webkit2gtk3 pkg:rpm/almalinux/webkit2gtk3-devel pkg:rpm/almalinux/webkit2gtk3-jsc pkg:rpm/almalinux/webkit2gtk3-jsc-devel pkg:rpm/opensuse/gtk3&distro=openSUSE%20Tumbleweed pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.2 pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.3 pkg:rpm/suse/libsoup&distro=SUSE%20Enterprise%20Storage%206 pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOS pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCL pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015 pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1 pkg:rpm/suse/libsoup&distro=SUSE%20Manager%20Proxy%204.0 pkg:rpm/suse/libsoup&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.0 pkg:rpm/suse/libsoup&distro=SUSE%20Manager%20Server%204.0 pkg:rpm/suse/webkit2gtk3&distro=HPE%20Helion%20OpenStack%208 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%206 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP2 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCL pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Proxy%204.0 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.0 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Server%204.0 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%208 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
< 0.6.55-2.el8+ 103 more
- (no CPE)range: < 0.6.55-2.el8
- (no CPE)range: < 0.6.55-2.el8
- (no CPE)range: < 0.6.55-2.el8
- (no CPE)range: < 1:40.0-15.el8
- (no CPE)range: < 0.2.3-2.el8
- (no CPE)range: < 3.28.2-2.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.28.2-28.el8
- (no CPE)range: < 3.28.2-28.el8
- (no CPE)range: < 3.28.2-3.el8
- (no CPE)range: < 3.28.2-3.el8
- (no CPE)range: < 3.28.1-13.el8
- (no CPE)range: < 3.28.1-13.el8
- (no CPE)range: < 3.28.1-13.el8
- (no CPE)range: < 3.28.1-13.el8
- (no CPE)range: < 3.32.0-16.el8.alma
- (no CPE)range: < 3.32.2-40.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.36.1-10.el8
- (no CPE)range: < 3.36.1-10.el8
- (no CPE)range: < 3.32.0-6.el8
- (no CPE)range: < 3.32.0-6.el8
- (no CPE)range: < 3.22.30-8.el8
- (no CPE)range: < 3.22.30-8.el8
- (no CPE)range: < 3.22.30-8.el8
- (no CPE)range: < 3.22.30-8.el8
- (no CPE)range: < 0.19.5-3.el8
- (no CPE)range: < 0.19.5-3.el8
- (no CPE)range: < 3.32.2-60.el8
- (no CPE)range: < 3.32.2-60.el8
- (no CPE)range: < 3.22.0-11.el8
- (no CPE)range: < 2.32.3-2.el8
- (no CPE)range: < 2.32.3-2.el8
- (no CPE)range: < 2.32.3-2.el8
- (no CPE)range: < 2.32.3-2.el8
- (no CPE)range: < 2.32.4-1.1
- (no CPE)range: < 2.32.3-lp152.2.16.1
- (no CPE)range: < 2.32.3-9.1
- (no CPE)range: < 2.62.2-17.8.1
- (no CPE)range: < 2.62.2-17.8.1
- (no CPE)range: < 2.62.2-17.8.1
- (no CPE)range: < 2.62.2-17.8.1
- (no CPE)range: < 2.62.2-17.8.1
- (no CPE)range: < 2.62.2-17.8.1
- (no CPE)range: < 2.62.2-17.8.1
- (no CPE)range: < 2.62.2-17.8.1
- (no CPE)range: < 2.62.2-17.8.1
- (no CPE)range: < 2.62.2-17.8.1
- (no CPE)range: < 2.62.2-17.8.1
- (no CPE)range: < 2.62.2-17.8.1
- (no CPE)range: < 2.62.2-17.8.1
- (no CPE)range: < 2.32.3-2.66.1
- (no CPE)range: < 2.32.3-3.77.3
- (no CPE)range: < 2.32.3-3.77.3
- (no CPE)range: < 2.32.3-3.77.3
- (no CPE)range: < 2.32.3-3.77.3
- (no CPE)range: < 2.32.3-3.77.3
- (no CPE)range: < 2.32.3-9.1
- (no CPE)range: < 2.32.3-9.1
- (no CPE)range: < 2.32.3-9.1
- (no CPE)range: < 2.32.3-9.1
- (no CPE)range: < 2.32.3-2.66.1
- (no CPE)range: < 2.32.3-2.66.1
- (no CPE)range: < 2.32.3-2.66.1
- (no CPE)range: < 2.32.3-2.66.1
- (no CPE)range: < 2.32.3-2.66.1
- (no CPE)range: < 2.32.3-3.77.3
- (no CPE)range: < 2.32.3-3.77.3
- (no CPE)range: < 2.32.3-3.77.3
- (no CPE)range: < 2.32.3-2.66.1
- (no CPE)range: < 2.32.3-2.66.1
- (no CPE)range: < 2.32.3-2.66.1
- (no CPE)range: < 2.32.3-3.77.3
- (no CPE)range: < 2.32.3-3.77.3
- (no CPE)range: < 2.32.3-2.66.1
- (no CPE)range: < 2.32.3-3.77.3
- (no CPE)range: < 2.32.3-3.77.3
- (no CPE)range: < 2.32.3-3.77.3
- (no CPE)range: < 2.32.3-2.66.1
- (no CPE)range: < 2.32.3-2.66.1
- (no CPE)range: < 2.32.3-2.66.1
- (no CPE)range: < 2.32.3-2.66.1
Apple Inc./Webkitv5
Range: Webkit WebKitGTK 2.30.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYMMBQN4PRVDLMIJT2LY2BWHLYBD57P3/mitrevendor-advisoryx_refsource_FEDORA
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V4QORERLPDN3UNNJFJSOMHZZCU2G75Q6/mitrevendor-advisoryx_refsource_FEDORA
www.debian.org/security/2021/dsa-4945mitrevendor-advisoryx_refsource_DEBIAN
www.openwall.com/lists/oss-security/2021/07/23/1mitremailing-listx_refsource_MLIST
talosintelligence.com/vulnerability_reports/TALOS-2021-1229mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000