QID 357017
Date Published: 2024-02-05
QID 357017: Amazon Linux Security Advisory for webkitgtk4 : ALAS2-2024-2425
The issue was addressed with improved memory handling.
This issue is fixed in safari 17.2, macos sonoma 14.2, ios 17.2 and ipados 17.2, watchos 10.2, tvos 17.2, ios 16.7.3 and ipados 16.7.3.
Processing an image may lead to a denial-of-service. (
( CVE-2023-42883) the issue was addressed with improved memory handling.
This issue is fixed in safari 17.2, macos sonoma 14.2, watchos 10.2, ios 17.2 and ipados 17.2, tvos 17.2.
Processing web content may lead to arbitrary code execution. (
( CVE-2023-42890)
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Successful exploitation of this vulnerability could lead to a securitybreach or could affect integrity, availability, and confidentiality.
Solution
Please refer to Amazon advisory: ALAS2-2024-2425 for affected packages and patching details, or update with your package manager.
Vendor References
- ALAS2-2024-2425 -
alas.aws.amazon.com/AL2/ALAS-2024-2425.html
CVEs related to QID 357017
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| ALAS2-2024-2425 | amazon linux 2 |
alas.aws.amazon.com/AL2/ALAS-2024-2425.html |