RHEL 8 : GNOME (RHSA-2021:4381)

critical Nessus Plugin ID 155153

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4381 advisory.

GNOME is the default desktop environment of Red Hat Enterprise Linux.

The following packages have been upgraded to a later upstream version: gdm (40.0), webkit2gtk3 (2.32.3).
(BZ#1909300)

Security Fix(es):

* webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution (CVE-2020-13558)

* LibRaw: Stack buffer overflow in LibRaw::identify_process_dng_fields() in identify.cpp (CVE-2020-24870)

* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2020-27918)

* webkitgtk: IFrame sandboxing policy violation (CVE-2021-1765)

* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-1788)

* webkitgtk: Type confusion issue leading to arbitrary code execution (CVE-2021-1789)

* webkitgtk: Access to restricted ports on arbitrary servers via port redirection (CVE-2021-1799)

* webkitgtk: IFrame sandboxing policy violation (CVE-2021-1801)

* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2021-1844)

* webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1870)

* webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1871)

* webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution (CVE-2021-21775)

* webkitgtk: Use-after-free in WebCore::GraphicsContext leading to information leak and possibly code execution (CVE-2021-21779)

* webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution (CVE-2021-21806)

* webkitgtk: Integer overflow leading to arbitrary code execution (CVE-2021-30663)

* webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30665)

* webkitgtk: Logic issue leading to leak of sensitive user information (CVE-2021-30682)

* webkitgtk: Logic issue leading to universal cross site scripting attack (CVE-2021-30689)

* webkitgtk: Logic issue allowing access to restricted ports on arbitrary servers (CVE-2021-30720)

* webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30734)

* webkitgtk: Cross-origin issue with iframe elements leading to universal cross site scripting attack (CVE-2021-30744)

* webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30749)

* webkitgtk: Type confusion leading to arbitrary code execution (CVE-2021-30758)

* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30795)

* webkitgtk: Insufficient checks leading to arbitrary code execution (CVE-2021-30797)

* webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30799)

* webkitgtk: User may be unable to fully delete browsing history (CVE-2020-29623)

* gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (CVE-2020-36241)

* gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (incomplete CVE-2020-36241 fix) (CVE-2021-28650)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?0922d936

http://www.nessus.org/u?7240878e

https://access.redhat.com/security/updates/classification/#moderate

https://access.redhat.com/errata/RHSA-2021:4381

https://bugzilla.redhat.com/show_bug.cgi?id=1651378

https://bugzilla.redhat.com/show_bug.cgi?id=1770302

https://bugzilla.redhat.com/show_bug.cgi?id=1791478

https://bugzilla.redhat.com/show_bug.cgi?id=1813727

https://bugzilla.redhat.com/show_bug.cgi?id=1854679

https://bugzilla.redhat.com/show_bug.cgi?id=1873297

https://bugzilla.redhat.com/show_bug.cgi?id=1873488

https://bugzilla.redhat.com/show_bug.cgi?id=1888404

https://bugzilla.redhat.com/show_bug.cgi?id=1894613

https://bugzilla.redhat.com/show_bug.cgi?id=1897932

https://bugzilla.redhat.com/show_bug.cgi?id=1904139

https://bugzilla.redhat.com/show_bug.cgi?id=1905000

https://bugzilla.redhat.com/show_bug.cgi?id=1909300

https://bugzilla.redhat.com/show_bug.cgi?id=1914925

https://bugzilla.redhat.com/show_bug.cgi?id=1924725

https://bugzilla.redhat.com/show_bug.cgi?id=1925640

https://bugzilla.redhat.com/show_bug.cgi?id=1928794

https://bugzilla.redhat.com/show_bug.cgi?id=1928886

https://bugzilla.redhat.com/show_bug.cgi?id=1935261

https://bugzilla.redhat.com/show_bug.cgi?id=1944350

https://bugzilla.redhat.com/show_bug.cgi?id=1944859

https://bugzilla.redhat.com/show_bug.cgi?id=1944862

https://bugzilla.redhat.com/show_bug.cgi?id=1944867

https://bugzilla.redhat.com/show_bug.cgi?id=1949176

https://bugzilla.redhat.com/show_bug.cgi?id=1951086

https://bugzilla.redhat.com/show_bug.cgi?id=1978612

https://bugzilla.redhat.com/show_bug.cgi?id=1980441

https://bugzilla.redhat.com/show_bug.cgi?id=1980661

https://bugzilla.redhat.com/show_bug.cgi?id=1981420

https://bugzilla.redhat.com/show_bug.cgi?id=1986863

https://bugzilla.redhat.com/show_bug.cgi?id=1986866

https://bugzilla.redhat.com/show_bug.cgi?id=1986872

https://bugzilla.redhat.com/show_bug.cgi?id=1986874

https://bugzilla.redhat.com/show_bug.cgi?id=1937416

https://bugzilla.redhat.com/show_bug.cgi?id=1937866

https://bugzilla.redhat.com/show_bug.cgi?id=1938937

https://bugzilla.redhat.com/show_bug.cgi?id=1940026

https://bugzilla.redhat.com/show_bug.cgi?id=1944323

https://bugzilla.redhat.com/show_bug.cgi?id=1944329

https://bugzilla.redhat.com/show_bug.cgi?id=1944333

https://bugzilla.redhat.com/show_bug.cgi?id=1944337

https://bugzilla.redhat.com/show_bug.cgi?id=1944340

https://bugzilla.redhat.com/show_bug.cgi?id=1944343

https://bugzilla.redhat.com/show_bug.cgi?id=1952136

https://bugzilla.redhat.com/show_bug.cgi?id=1955754

https://bugzilla.redhat.com/show_bug.cgi?id=1957705

https://bugzilla.redhat.com/show_bug.cgi?id=1960705

https://bugzilla.redhat.com/show_bug.cgi?id=1962049

https://bugzilla.redhat.com/show_bug.cgi?id=1971507

https://bugzilla.redhat.com/show_bug.cgi?id=1971534

https://bugzilla.redhat.com/show_bug.cgi?id=1972545

https://bugzilla.redhat.com/show_bug.cgi?id=1978287

https://bugzilla.redhat.com/show_bug.cgi?id=1978505

https://bugzilla.redhat.com/show_bug.cgi?id=1986879

https://bugzilla.redhat.com/show_bug.cgi?id=1986881

https://bugzilla.redhat.com/show_bug.cgi?id=1986883

https://bugzilla.redhat.com/show_bug.cgi?id=1986886

https://bugzilla.redhat.com/show_bug.cgi?id=1986888

https://bugzilla.redhat.com/show_bug.cgi?id=1986890

https://bugzilla.redhat.com/show_bug.cgi?id=1986892

https://bugzilla.redhat.com/show_bug.cgi?id=1986900

https://bugzilla.redhat.com/show_bug.cgi?id=1986902

https://bugzilla.redhat.com/show_bug.cgi?id=1986906

https://bugzilla.redhat.com/show_bug.cgi?id=1987233

https://bugzilla.redhat.com/show_bug.cgi?id=1989035

https://bugzilla.redhat.com/show_bug.cgi?id=1998989

https://bugzilla.redhat.com/show_bug.cgi?id=1999120

https://bugzilla.redhat.com/show_bug.cgi?id=2004170

Plugin Details

Severity: Critical

ID: 155153

File Name: redhat-RHSA-2021-4381.nasl

Version: 1.16

Type: local

Agent: unix

Published: 11/11/2021

Updated: 11/7/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.4

Vendor

Vendor Severity: Moderate

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2021-30799

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

CVSS Score Source: CVE-2021-1871

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:webkit2gtk3, p-cpe:/a:redhat:enterprise_linux:gnome-autoar, p-cpe:/a:redhat:enterprise_linux:libraw, p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc, p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc-devel, p-cpe:/a:redhat:enterprise_linux:libraw-devel, p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-devel, cpe:/o:redhat:enterprise_linux:8

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/9/2021

Vulnerability Publication Date: 10/31/2020

CISA Known Exploited Vulnerability Due Dates: 11/17/2021, 5/25/2022

Reference Information

CVE: CVE-2020-13558, CVE-2020-24870, CVE-2020-27918, CVE-2020-29623, CVE-2020-36241, CVE-2021-1765, CVE-2021-1788, CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1844, CVE-2021-1870, CVE-2021-1871, CVE-2021-21775, CVE-2021-21779, CVE-2021-21806, CVE-2021-28650, CVE-2021-30663, CVE-2021-30665, CVE-2021-30682, CVE-2021-30689, CVE-2021-30720, CVE-2021-30734, CVE-2021-30744, CVE-2021-30749, CVE-2021-30758, CVE-2021-30795, CVE-2021-30797, CVE-2021-30799

CWE: 119, 120, 190, 20, 200, 22, 416, 459, 79, 843, 863

RHSA: 2021:4381