PT-2021-9633 · Webkitgtk+10 · Webkitgtk+10

Icewall

Published

2020-10-24

Updated

2024-06-15

CVE-2020-13558

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions WebKitGTK version 2.30.1

Description A code execution issue exists in the AudioSourceProviderGStreamer functionality of WebKit. This can be triggered by a specially crafted web page, leading to a use after free scenario.

Recommendations For WebKitGTK version 2.30.1, consider disabling the AudioSourceProviderGStreamer functionality as a temporary workaround until a patch is available.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2021:4381

ALT-PU-2020-3117

CESA-2021_4381

CVE-2020-13558

DSA-4854-1

MGASA-2021-0107

OPENSUSE-SU-2021:0376-1

OPENSUSE-SU-2021_0376-1

OPENSUSE-SU-2024:11506-1

RHSA-2021:4381

RHSA-2021_4381

RHSA-2025:10364

RLSA-2021:4381

SUSE-SU-2021:0536-1

SUSE-SU-2021:0583-1

SUSE-SU-2021:1990-1

SUSE-SU-2021_0536-1

SUSE-SU-2021_0583-1

USN-4739-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Gstreamer

Linuxmint

Red Hat

Rocky Linux

Suse

Ubuntu

Webkitgtk

PT-2021-9633 · Webkitgtk+10 · Webkitgtk+10

CVE-2020-13558

Weakness Enumeration

Related Identifiers

Affected Products

References · 274