CVE-2020-13753
Description
The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminals input buffer, similar to CVE-2017-5226.
Risk Information
Base Score
10.0
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.219
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Web content engine library for GTK+ (USN-4422-1) libwebkit2gtk-4.0-37_2.28.3-0ubuntu0.18.04.1_i386.deb | Linux |
| Web content engine library for GTK+ (USN-4422-1) libwebkit2gtk-4.0-37_2.28.3-0ubuntu0.18.04.1_amd64.deb | Linux |
| Web content engine library for GTK+ (USN-4422-1) libwebkit2gtk-4.0-37_2.28.3-0ubuntu0.19.10.1_i386.deb | Linux |
| Web content engine library for GTK+ (USN-4422-1) libwebkit2gtk-4.0-37_2.28.3-0ubuntu0.19.10.1_amd64.deb | Linux |
| Web content engine library for GTK+ (USN-4422-1) libwebkit2gtk-4.0-37_2.28.3-0ubuntu0.20.04.1_i386.deb | Linux |
| Web content engine library for GTK+ (USN-4422-1) libwebkit2gtk-4.0-37_2.28.3-0ubuntu0.20.04.1_amd64.deb | Linux |
| Web content engine library for GTK+ (USN-4422-1) libjavascriptcoregtk-4.0-18_2.28.3-0ubuntu0.18.04.1_i386.deb | Linux |
| Web content engine library for GTK+ (USN-4422-1) libjavascriptcoregtk-4.0-18_2.28.3-0ubuntu0.18.04.1_amd64.deb | Linux |
| Web content engine library for GTK+ (USN-4422-1) libjavascriptcoregtk-4.0-18_2.28.3-0ubuntu0.19.10.1_i386.deb | Linux |
| Web content engine library for GTK+ (USN-4422-1) libjavascriptcoregtk-4.0-18_2.28.3-0ubuntu0.19.10.1_amd64.deb | Linux |
| Web content engine library for GTK+ (USN-4422-1) libjavascriptcoregtk-4.0-18_2.28.3-0ubuntu0.20.04.1_i386.deb | Linux |
| Web content engine library for GTK+ (USN-4422-1) libjavascriptcoregtk-4.0-18_2.28.3-0ubuntu0.20.04.1_amd64.deb | Linux |
| SUSE-SU-2020:2069-1(SUSE Linux Enterprise Server 12-SP5 ) libjavascriptcoregtk-4_0-18-2.28.3-2.56.1.x86_64.rpm | Linux |
| SUSE-SU-2020:2069-1(SUSE Linux Enterprise Server 12-SP5 ) libjavascriptcoregtk-4_0-18-debuginfo-2.28.3-2.56.1.x86_64.rpm | Linux |
| SUSE-SU-2020:2069-1(SUSE Linux Enterprise Server 12-SP5 ) libwebkit2gtk-4_0-37-2.28.3-2.56.1.x86_64.rpm | Linux |
| SUSE-SU-2020:2069-1(SUSE Linux Enterprise Server 12-SP5 ) libwebkit2gtk-4_0-37-debuginfo-2.28.3-2.56.1.x86_64.rpm | Linux |
| SUSE-SU-2020:2069-1(SUSE Linux Enterprise Server 12-SP5 ) libwebkit2gtk3-lang-2.28.3-2.56.1.noarch.rpm | Linux |
| SUSE-SU-2020:2069-1(SUSE Linux Enterprise Server 12-SP5 ) typelib-1_0-JavaScriptCore-4_0-2.28.3-2.56.1.x86_64.rpm | Linux |
| SUSE-SU-2020:2069-1(SUSE Linux Enterprise Server 12-SP5 ) typelib-1_0-WebKit2-4_0-2.28.3-2.56.1.x86_64.rpm | Linux |
| SUSE-SU-2020:2069-1(SUSE Linux Enterprise Server 12-SP5 ) typelib-1_0-WebKit2WebExtension-4_0-2.28.3-2.56.1.x86_64.rpm | Linux |
| SUSE-SU-2020:2069-1(SUSE Linux Enterprise Server 12-SP5 ) webkit2gtk-4_0-injected-bundles-2.28.3-2.56.1.x86_64.rpm | Linux |
| SUSE-SU-2020:2069-1(SUSE Linux Enterprise Server 12-SP5 ) webkit2gtk-4_0-injected-bundles-debuginfo-2.28.3-2.56.1.x86_64.rpm | Linux |
| SUSE-SU-2020:2069-1(SUSE Linux Enterprise Server 12-SP5 ) webkit2gtk3-debugsource-2.28.3-2.56.1.x86_64.rpm | Linux |
| Web content engine library for GTK+ (USN-4648-1) libwebkit2gtk-4.0-37_2.30.3-0ubuntu0.18.04.1_i386.deb | Linux |
| Web content engine library for GTK+ (USN-4648-1) libwebkit2gtk-4.0-37_2.30.3-0ubuntu0.18.04.1_amd64.deb | Linux |
| Web content engine library for GTK+ (USN-4648-1) libwebkit2gtk-4.0-37_2.30.3-0ubuntu0.20.04.1_i386.deb | Linux |
| Web content engine library for GTK+ (USN-4648-1) libwebkit2gtk-4.0-37_2.30.3-0ubuntu0.20.04.1_amd64.deb | Linux |
| Web content engine library for GTK+ (USN-4648-1) libwebkit2gtk-4.0-37_2.30.3-0ubuntu0.20.10.1_i386.deb | Linux |
| Web content engine library for GTK+ (USN-4648-1) libwebkit2gtk-4.0-37_2.30.3-0ubuntu0.20.10.1_amd64.deb | Linux |
| Web content engine library for GTK+ (USN-4648-1) libjavascriptcoregtk-4.0-18_2.30.3-0ubuntu0.18.04.1_i386.deb | Linux |
| Web content engine library for GTK+ (USN-4648-1) libjavascriptcoregtk-4.0-18_2.30.3-0ubuntu0.18.04.1_amd64.deb | Linux |
| Web content engine library for GTK+ (USN-4648-1) libjavascriptcoregtk-4.0-18_2.30.3-0ubuntu0.20.04.1_i386.deb | Linux |
| Web content engine library for GTK+ (USN-4648-1) libjavascriptcoregtk-4.0-18_2.30.3-0ubuntu0.20.04.1_amd64.deb | Linux |
| Web content engine library for GTK+ (USN-4648-1) libjavascriptcoregtk-4.0-18_2.30.3-0ubuntu0.20.10.1_i386.deb | Linux |
| Web content engine library for GTK+ (USN-4648-1) libjavascriptcoregtk-4.0-18_2.30.3-0ubuntu0.20.10.1_amd64.deb | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libjavascriptcoregtk-4_0-18-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libjavascriptcoregtk-4_0-18-debuginfo-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libwebkit2gtk-4_0-37-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libwebkit2gtk-4_0-37-debuginfo-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libwebkit2gtk3-lang-2.34.3-2.82.1.noarch.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) typelib-1_0-WebKit2-4_0-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) webkit2gtk-4_0-injected-bundles-debuginfo-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) webkit2gtk3-debugsource-2.34.3-2.82.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234