Rapid7 Vulnerability & Exploit Database

Red Hat: CVE-2021-21775: CVE-2021-21775 webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution (Multiple Advisories)

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Red Hat: CVE-2021-21775: CVE-2021-21775 webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution (Multiple Advisories)

Severity

CVSS

(AV:N/AC:M/Au:S/C:P/I:P/A:P)

Published

07/07/2021

Created

11/11/2021

Added

11/10/2021

Modified

12/15/2023

Description

A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage.

Solution(s)

redhat-upgrade-accountsservice
redhat-upgrade-accountsservice-debuginfo
redhat-upgrade-accountsservice-debugsource
redhat-upgrade-accountsservice-devel
redhat-upgrade-accountsservice-libs
redhat-upgrade-accountsservice-libs-debuginfo
redhat-upgrade-gdm
redhat-upgrade-gdm-debuginfo
redhat-upgrade-gdm-debugsource
redhat-upgrade-gnome-autoar
redhat-upgrade-gnome-autoar-debuginfo
redhat-upgrade-gnome-autoar-debugsource
redhat-upgrade-gnome-calculator
redhat-upgrade-gnome-calculator-debuginfo
redhat-upgrade-gnome-calculator-debugsource
redhat-upgrade-gnome-classic-session
redhat-upgrade-gnome-control-center
redhat-upgrade-gnome-control-center-debuginfo
redhat-upgrade-gnome-control-center-debugsource
redhat-upgrade-gnome-control-center-filesystem
redhat-upgrade-gnome-online-accounts
redhat-upgrade-gnome-online-accounts-debuginfo
redhat-upgrade-gnome-online-accounts-debugsource
redhat-upgrade-gnome-online-accounts-devel
redhat-upgrade-gnome-session
redhat-upgrade-gnome-session-debuginfo
redhat-upgrade-gnome-session-debugsource
redhat-upgrade-gnome-session-kiosk-session
redhat-upgrade-gnome-session-wayland-session
redhat-upgrade-gnome-session-xsession
redhat-upgrade-gnome-settings-daemon
redhat-upgrade-gnome-settings-daemon-debuginfo
redhat-upgrade-gnome-settings-daemon-debugsource
redhat-upgrade-gnome-shell
redhat-upgrade-gnome-shell-debuginfo
redhat-upgrade-gnome-shell-debugsource
redhat-upgrade-gnome-shell-extension-apps-menu
redhat-upgrade-gnome-shell-extension-auto-move-windows
redhat-upgrade-gnome-shell-extension-common
redhat-upgrade-gnome-shell-extension-dash-to-dock
redhat-upgrade-gnome-shell-extension-desktop-icons
redhat-upgrade-gnome-shell-extension-disable-screenshield
redhat-upgrade-gnome-shell-extension-drive-menu
redhat-upgrade-gnome-shell-extension-gesture-inhibitor
redhat-upgrade-gnome-shell-extension-horizontal-workspaces
redhat-upgrade-gnome-shell-extension-launch-new-instance
redhat-upgrade-gnome-shell-extension-native-window-placement
redhat-upgrade-gnome-shell-extension-no-hot-corner
redhat-upgrade-gnome-shell-extension-panel-favorites
redhat-upgrade-gnome-shell-extension-places-menu
redhat-upgrade-gnome-shell-extension-screenshot-window-sizer
redhat-upgrade-gnome-shell-extension-systemmonitor
redhat-upgrade-gnome-shell-extension-top-icons
redhat-upgrade-gnome-shell-extension-updates-dialog
redhat-upgrade-gnome-shell-extension-user-theme
redhat-upgrade-gnome-shell-extension-window-grouper
redhat-upgrade-gnome-shell-extension-window-list
redhat-upgrade-gnome-shell-extension-windowsnavigator
redhat-upgrade-gnome-shell-extension-workspace-indicator
redhat-upgrade-gnome-software
redhat-upgrade-gnome-software-debuginfo
redhat-upgrade-gnome-software-debugsource
redhat-upgrade-gnome-software-devel
redhat-upgrade-gsettings-desktop-schemas
redhat-upgrade-gsettings-desktop-schemas-devel
redhat-upgrade-gtk-update-icon-cache
redhat-upgrade-gtk-update-icon-cache-debuginfo
redhat-upgrade-gtk3
redhat-upgrade-gtk3-debuginfo
redhat-upgrade-gtk3-debugsource
redhat-upgrade-gtk3-devel
redhat-upgrade-gtk3-devel-debuginfo
redhat-upgrade-gtk3-immodule-xim
redhat-upgrade-gtk3-immodule-xim-debuginfo
redhat-upgrade-gtk3-immodules-debuginfo
redhat-upgrade-gtk3-tests-debuginfo
redhat-upgrade-libraw
redhat-upgrade-libraw-debuginfo
redhat-upgrade-libraw-debugsource
redhat-upgrade-libraw-devel
redhat-upgrade-libraw-samples-debuginfo
redhat-upgrade-mutter
redhat-upgrade-mutter-debuginfo
redhat-upgrade-mutter-debugsource
redhat-upgrade-mutter-devel
redhat-upgrade-mutter-tests-debuginfo
redhat-upgrade-vino
redhat-upgrade-vino-debuginfo
redhat-upgrade-vino-debugsource
redhat-upgrade-webkit2gtk3
redhat-upgrade-webkit2gtk3-debuginfo
redhat-upgrade-webkit2gtk3-debugsource
redhat-upgrade-webkit2gtk3-devel
redhat-upgrade-webkit2gtk3-devel-debuginfo
redhat-upgrade-webkit2gtk3-jsc
redhat-upgrade-webkit2gtk3-jsc-debuginfo
redhat-upgrade-webkit2gtk3-jsc-devel
redhat-upgrade-webkit2gtk3-jsc-devel-debuginfo

References

DSA-4945
CVE-2021-21775
RHSA-2021:4381

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Red Hat: CVE-2021-21775: CVE-2021-21775 webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution (Multiple Advisories)

Red Hat: CVE-2021-21775: CVE-2021-21775 webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution (Multiple Advisories)

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.