Chijin

**Nome do software vulnerável e versões afetadas** Versões do WebKitGTK anteriores à 2.36.8 **Descrição** Uma vulnerabilidade do tipo “use-after-free” no WebCore::RenderLayer::updateDescendantDependentFlags permite que invasores executem código remotamente. Esse problema está relacionado à renderização de páginas da web e pode ser explorado por um invasor remoto para acessar dados confidenciais, comprometer a integridade dos dados e causar uma negação de serviço. **Recomendações** Para versões do WebKitGTK anteriores à 2.36.8, atualize para a versão 2.36.8 ou posterior para resolver o problema. Como solução temporária, considere desativar a função `updateDescendantDependentFlags` no WebCore::RenderLayer até que um patch esteja disponível.

**Name of the Vulnerable Software and Affected Versions** WebKitGTK versions prior to 2.36.8 WPE WebKit (affected versions not specified) **Description** A use-after-free vulnerability in the `WebCore::RenderLayer::setNextSibling` function of the WebKitGTK and WPE WebKit rendering modules is related to the use of memory after it has been freed. Exploitation of this issue may allow a remote attacker to execute arbitrary code. **Recommendations** For WebKitGTK versions prior to 2.36.8, update to version 2.36.8 or later to resolve the issue. For WPE WebKit, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WebKitGTK versions prior to 2.36.8 WPE WebKit (affected versions not specified) **Description** A use-after-free vulnerability in the `WebCore::RenderLayer::repaintBlockSelectionGaps` function of the WebKitGTK and WPE WebKit rendering modules allows attackers to execute code remotely. This issue is related to the use of memory after it has been freed. **Recommendations** For WebKitGTK versions prior to 2.36.8, update to version 2.36.8 or later to resolve the issue. For WPE WebKit, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WebKitGTK versions prior to 2.36.8 WPE WebKit (affected versions not specified) **Description** A use-after-free vulnerability in the `WebCore::RenderLayer::addChild` function of WebKitGTK and WPE WebKit is related to the use of memory after it has been freed. Exploitation of this issue may allow a remote attacker to execute arbitrary code. **Recommendations** For WebKitGTK versions prior to 2.36.8, update to version 2.36.8 or later to resolve the issue. For WPE WebKit, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `WebCore::RenderLayer::addChild` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** WebKitGTK versions prior to 2.36.8 WPE WebKit (affected versions not specified) **Description** A use-after-free vulnerability in the WebCore::RenderLayer::renderer function of the WebKitGTK and WPE WebKit rendering modules allows attackers to execute code remotely. This issue is related to the use of memory after it has been freed, which can be exploited by a remote attacker to execute arbitrary code. **Recommendations** For WebKitGTK versions prior to 2.36.8, update to version 2.36.8 or later to resolve the issue. For WPE WebKit, at the moment, there is no information about a newer version that contains a fix for this vulnerability.