Rocky Linux 8 : GNOME (RLSA-2019:3553)

high Nessus Plugin ID 184895

Synopsis

The remote Rocky Linux host is missing one or more security updates.

Description

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2019:3553 advisory.

- WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization.
This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-11070)

- The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files. (CVE-2019-11459)

- daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a single connection, so the attacker would have to discover the server and connect to the socket before its owner does.) (CVE-2019-12795)

- It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions. (CVE-2019-3820)

- Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12.
Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6237, CVE-2019-8571, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619)

- WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-6251)

- A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8506)

- Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8518, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563)

- Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8523, CVE-2019-8524)

- A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8535)

- A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8536, CVE-2019-8544)

- A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8551)

- Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
(CVE-2019-8583, CVE-2019-8601, CVE-2019-8622, CVE-2019-8623)

- Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
(CVE-2019-8666, CVE-2019-8671, CVE-2019-8673, CVE-2019-8677, CVE-2019-8679, CVE-2019-8681, CVE-2019-8686, CVE-2019-8687)

- Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8672, CVE-2019-8676, CVE-2019-8689)

- A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8690)

- Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8726, CVE-2019-8735)

- Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. (CVE-2019-8768)

- webkitgtk: Out-of-bounds read leading to memory disclosure (CVE-2019-8607)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://errata.rockylinux.org/RLSA-2019:3553

https://bugzilla.redhat.com/show_bug.cgi?id=1662193

https://bugzilla.redhat.com/show_bug.cgi?id=1667136

https://bugzilla.redhat.com/show_bug.cgi?id=1673011

https://bugzilla.redhat.com/show_bug.cgi?id=1674382

https://bugzilla.redhat.com/show_bug.cgi?id=1679127

https://bugzilla.redhat.com/show_bug.cgi?id=1680164

https://bugzilla.redhat.com/show_bug.cgi?id=1685811

https://bugzilla.redhat.com/show_bug.cgi?id=1687949

https://bugzilla.redhat.com/show_bug.cgi?id=1690506

https://bugzilla.redhat.com/show_bug.cgi?id=1696708

https://bugzilla.redhat.com/show_bug.cgi?id=1698520

https://bugzilla.redhat.com/show_bug.cgi?id=1698884

https://bugzilla.redhat.com/show_bug.cgi?id=1698923

https://bugzilla.redhat.com/show_bug.cgi?id=1698929

https://bugzilla.redhat.com/show_bug.cgi?id=1698930

https://bugzilla.redhat.com/show_bug.cgi?id=1704355

https://bugzilla.redhat.com/show_bug.cgi?id=1704360

https://bugzilla.redhat.com/show_bug.cgi?id=1704378

https://bugzilla.redhat.com/show_bug.cgi?id=1705583

https://bugzilla.redhat.com/show_bug.cgi?id=1706793

https://bugzilla.redhat.com/show_bug.cgi?id=1709937

https://bugzilla.redhat.com/show_bug.cgi?id=1713080

https://bugzilla.redhat.com/show_bug.cgi?id=1713330

https://bugzilla.redhat.com/show_bug.cgi?id=1713453

https://bugzilla.redhat.com/show_bug.cgi?id=1713685

https://bugzilla.redhat.com/show_bug.cgi?id=1715738

https://bugzilla.redhat.com/show_bug.cgi?id=1715761

https://bugzilla.redhat.com/show_bug.cgi?id=1715765

https://bugzilla.redhat.com/show_bug.cgi?id=1716295

https://bugzilla.redhat.com/show_bug.cgi?id=1716771

https://bugzilla.redhat.com/show_bug.cgi?id=1718133

https://bugzilla.redhat.com/show_bug.cgi?id=1719241

https://bugzilla.redhat.com/show_bug.cgi?id=1719279

https://bugzilla.redhat.com/show_bug.cgi?id=1719779

https://bugzilla.redhat.com/show_bug.cgi?id=1720481

https://bugzilla.redhat.com/show_bug.cgi?id=1721195

https://bugzilla.redhat.com/show_bug.cgi?id=1721575

https://bugzilla.redhat.com/show_bug.cgi?id=1722047

https://bugzilla.redhat.com/show_bug.cgi?id=1722844

https://bugzilla.redhat.com/show_bug.cgi?id=1723467

https://bugzilla.redhat.com/show_bug.cgi?id=1723836

https://bugzilla.redhat.com/show_bug.cgi?id=1724551

https://bugzilla.redhat.com/show_bug.cgi?id=1725101

https://bugzilla.redhat.com/show_bug.cgi?id=1725107

https://bugzilla.redhat.com/show_bug.cgi?id=1725120

https://bugzilla.redhat.com/show_bug.cgi?id=1725555

https://bugzilla.redhat.com/show_bug.cgi?id=1725741

https://bugzilla.redhat.com/show_bug.cgi?id=1725766

https://bugzilla.redhat.com/show_bug.cgi?id=1725854

https://bugzilla.redhat.com/show_bug.cgi?id=1726093

https://bugzilla.redhat.com/show_bug.cgi?id=1726505

https://bugzilla.redhat.com/show_bug.cgi?id=1726656

https://bugzilla.redhat.com/show_bug.cgi?id=1728277

https://bugzilla.redhat.com/show_bug.cgi?id=1731372

https://bugzilla.redhat.com/show_bug.cgi?id=1735382

https://bugzilla.redhat.com/show_bug.cgi?id=1737326

https://bugzilla.redhat.com/show_bug.cgi?id=1739116

https://bugzilla.redhat.com/show_bug.cgi?id=1739117

https://bugzilla.redhat.com/show_bug.cgi?id=1741547

Plugin Details

Severity: High

ID: 184895

File Name: rocky_linux_RLSA-2019-3553.nasl

Version: 1.0

Type: local

Published: 11/7/2023

Updated: 11/7/2023

Supported Sensors: Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2019-8689

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

CVSS Score Source: CVE-2019-8735

Vulnerability Information

CPE: p-cpe:/a:rocky:linux:pidgin, p-cpe:/a:rocky:linux:gdk-pixbuf2, p-cpe:/a:rocky:linux:pango-debuginfo, p-cpe:/a:rocky:linux:gdk-pixbuf2-xlib-devel, p-cpe:/a:rocky:linux:gdk-pixbuf2-xlib, p-cpe:/a:rocky:linux:pidgin-devel, p-cpe:/a:rocky:linux:pango-devel, p-cpe:/a:rocky:linux:pango-debugsource, p-cpe:/a:rocky:linux:gnome-desktop3-debuginfo, cpe:/o:rocky:linux:8, p-cpe:/a:rocky:linux:libpurple, p-cpe:/a:rocky:linux:gnome-desktop3-debugsource, p-cpe:/a:rocky:linux:gdk-pixbuf2-devel, p-cpe:/a:rocky:linux:pidgin-debugsource, p-cpe:/a:rocky:linux:gdk-pixbuf2-modules, p-cpe:/a:rocky:linux:libpurple-devel, p-cpe:/a:rocky:linux:gdk-pixbuf2-debuginfo, p-cpe:/a:rocky:linux:gdk-pixbuf2-xlib-debuginfo, p-cpe:/a:rocky:linux:gdk-pixbuf2-devel-debuginfo, p-cpe:/a:rocky:linux:gnome-desktop3, p-cpe:/a:rocky:linux:libpurple-debuginfo, p-cpe:/a:rocky:linux:pango, p-cpe:/a:rocky:linux:pidgin-debuginfo, p-cpe:/a:rocky:linux:gdk-pixbuf2-modules-debuginfo, p-cpe:/a:rocky:linux:gdk-pixbuf2-debugsource, p-cpe:/a:rocky:linux:gnome-desktop3-devel

Required KB Items: Host/local_checks_enabled, Host/RockyLinux/release, Host/RockyLinux/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/5/2019

Vulnerability Publication Date: 1/14/2019

CISA Known Exploited Vulnerability Due Dates: 5/25/2022

Reference Information

CVE: CVE-2019-11070, CVE-2019-11459, CVE-2019-12795, CVE-2019-3820, CVE-2019-6237, CVE-2019-6251, CVE-2019-8506, CVE-2019-8518, CVE-2019-8523, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8666, CVE-2019-8671, CVE-2019-8672, CVE-2019-8673, CVE-2019-8676, CVE-2019-8677, CVE-2019-8679, CVE-2019-8681, CVE-2019-8686, CVE-2019-8687, CVE-2019-8689, CVE-2019-8690, CVE-2019-8726, CVE-2019-8735, CVE-2019-8768