CVE-2022-26710 - Vulnerability Details - OpenCVE

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may lead to arbitrary code execution.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple	Ipados Iphone Os Macos Tvos Watchos
Redhat	Enterprise Linux

Configuration 1 [-]

OR	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:tvos::::::::
	cpe:2.3:o:apple:watchos::::::::

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
webkit2gtk3-0:2.36.7-1.el8	cpe:/a:redhat:enterprise_linux:8	RHSA-2022:7704	2022-11-08T00:00:00Z
Red Hat Enterprise Linux 9
webkit2gtk3-0:2.36.7-1.el9	cpe:/a:redhat:enterprise_linux:9	RHSA-2022:8054	2022-11-15T00:00:00Z

References

Link	Providers
https://nvd.nist.gov/vuln/detail/CVE-2022-26710
https://support.apple.com/en-us/HT213253
https://support.apple.com/en-us/HT213254
https://support.apple.com/en-us/HT213257
https://support.apple.com/en-us/HT213258
https://webkitgtk.org/security/WSA-2022-0006.html
https://www.cve.org/CVERecord?id=CVE-2022-26710

History

No history.

MITRE

Status: PUBLISHED

Assigner: apple

Published: 2022-11-01T00:00:00

Updated: 2024-08-03T05:11:44.296Z

Reserved: 2022-03-08T00:00:00

Link: CVE-2022-26710

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-11-01T20:15:17.393

Modified: 2024-11-21T06:54:21.760

Link: CVE-2022-26710

Redhat

Severity : Moderate

Publid Date: 2022-07-05T00:00:00Z

Links: CVE-2022-26710 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-26710", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "dateUpdated": "2024-08-03T05:11:44.296Z", "dateReserved": "2022-03-08T00:00:00", "datePublished": "2022-11-01T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2022-11-01T00:00:00"}, "descriptions": [{"lang": "en", "value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may lead to arbitrary code execution."}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "unspecified", "lessThan": "12.4", "status": "affected", "versionType": "custom"}]}, {"vendor": "Apple", "product": "watchOS", "versions": [{"version": "unspecified", "lessThan": "8.6", "status": "affected", "versionType": "custom"}]}, {"vendor": "Apple", "product": "watchOS", "versions": [{"version": "unspecified", "lessThan": "15.5", "status": "affected", "versionType": "custom"}]}, {"vendor": "Apple", "product": "watchOS", "versions": [{"version": "unspecified", "lessThan": "15.5", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/HT213258"}, {"url": "https://support.apple.com/en-us/HT213253"}, {"url": "https://support.apple.com/en-us/HT213254"}, {"url": "https://support.apple.com/en-us/HT213257"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Processing maliciously crafted web content may lead to arbitrary code execution"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T05:11:44.296Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT213258", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT213253", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT213254", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT213257", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "5B3F8579-F907-4E15-A4D6-1459A6687594", "versionEndExcluding": "15.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "29151647-DA19-4B1B-B1CD-2E05A712F941", "versionEndExcluding": "15.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "56A8A170-44A7-4334-88B0-CB4413E28E53", "versionEndExcluding": "12.4", "versionStartIncluding": "12.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "matchCriteriaId": "4C98BE9E-8463-4CB9-8E42-A68DC0B20BD8", "versionEndExcluding": "15.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "matchCriteriaId": "E8BAAD78-60FC-4EC3-B727-55F0C0969D6A", "versionEndExcluding": "8.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may lead to arbitrary code execution."}, {"lang": "es", "value": "Se solucion\u00f3 un problema de uso despu\u00e9s de la liberaci\u00f3n con una gesti\u00f3n de memoria mejorada. Este problema se solucion\u00f3 en iOS 15.5 y iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. El procesamiento de contenido web creado con fines malintencionados puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario."}], "id": "CVE-2022-26710", "lastModified": "2024-11-21T06:54:21.760", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-11-01T20:15:17.393", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213253"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213254"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213257"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213258"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213253"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213254"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213257"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213258"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2022:7704", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "webkit2gtk3-0:2.36.7-1.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-11-08T00:00:00Z"}, {"advisory": "RHSA-2022:8054", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "webkit2gtk3-0:2.36.7-1.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-11-15T00:00:00Z"}], "bugzilla": {"description": "webkitgtk: Use-after-free leading to arbitrary code execution", "id": "2104789", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104789"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-416", "details": ["A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may lead to arbitrary code execution.", "A use-after-free vulnerability was found in WebKitGTK. The flaw occurs when processing maliciously crafted HTML content in WebKit. This flaw allows a remote attacker to trick the victim into visiting a specially crafted website, triggering memory corruption and executing arbitrary code on the system."], "name": "CVE-2022-26710", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "webkitgtk", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "webkitgtk3", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "webkitgtk4", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2022-07-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-26710\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-26710\nhttps://webkitgtk.org/security/WSA-2022-0006.html"], "statement": "Red Hat Enterprise Linux 6, 7, 8, and 9 are affected because the code-base is affected by this vulnerability.\nSince Red Hat Enterprise Linux 6 and 7 are Out-of-Support-Scope for Low/Moderate flaws, the issue is not currently planned to be addressed in future updates for RHEL-6,7. Only Important and Critical severity flaws will be addressed at this time.\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle & Updates Policy: https://access.redhat.com/support/policy/updates/errata/.", "threat_severity": "Moderate", "upstream_fix": "WebKitGTK 2.36.4"}