Rapid7 Vulnerability & Exploit Database

Red Hat: CVE-2021-21806: CVE-2021-21806 webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution (Multiple Advisories)

Free InsightVM Trial No Credit Card Necessary

2024 Attack Intel Report Latest research by Rapid7 Labs

Back to Search

Red Hat: CVE-2021-21806: CVE-2021-21806 webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution (Multiple Advisories)

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

07/08/2021

Created

11/11/2021

Added

11/10/2021

Modified

12/15/2023

Description

An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability.

Solution(s)

redhat-upgrade-accountsservice
redhat-upgrade-accountsservice-debuginfo
redhat-upgrade-accountsservice-debugsource
redhat-upgrade-accountsservice-devel
redhat-upgrade-accountsservice-libs
redhat-upgrade-accountsservice-libs-debuginfo
redhat-upgrade-gdm
redhat-upgrade-gdm-debuginfo
redhat-upgrade-gdm-debugsource
redhat-upgrade-gnome-autoar
redhat-upgrade-gnome-autoar-debuginfo
redhat-upgrade-gnome-autoar-debugsource
redhat-upgrade-gnome-calculator
redhat-upgrade-gnome-calculator-debuginfo
redhat-upgrade-gnome-calculator-debugsource
redhat-upgrade-gnome-classic-session
redhat-upgrade-gnome-control-center
redhat-upgrade-gnome-control-center-debuginfo
redhat-upgrade-gnome-control-center-debugsource
redhat-upgrade-gnome-control-center-filesystem
redhat-upgrade-gnome-online-accounts
redhat-upgrade-gnome-online-accounts-debuginfo
redhat-upgrade-gnome-online-accounts-debugsource
redhat-upgrade-gnome-online-accounts-devel
redhat-upgrade-gnome-session
redhat-upgrade-gnome-session-debuginfo
redhat-upgrade-gnome-session-debugsource
redhat-upgrade-gnome-session-kiosk-session
redhat-upgrade-gnome-session-wayland-session
redhat-upgrade-gnome-session-xsession
redhat-upgrade-gnome-settings-daemon
redhat-upgrade-gnome-settings-daemon-debuginfo
redhat-upgrade-gnome-settings-daemon-debugsource
redhat-upgrade-gnome-shell
redhat-upgrade-gnome-shell-debuginfo
redhat-upgrade-gnome-shell-debugsource
redhat-upgrade-gnome-shell-extension-apps-menu
redhat-upgrade-gnome-shell-extension-auto-move-windows
redhat-upgrade-gnome-shell-extension-common
redhat-upgrade-gnome-shell-extension-dash-to-dock
redhat-upgrade-gnome-shell-extension-desktop-icons
redhat-upgrade-gnome-shell-extension-disable-screenshield
redhat-upgrade-gnome-shell-extension-drive-menu
redhat-upgrade-gnome-shell-extension-gesture-inhibitor
redhat-upgrade-gnome-shell-extension-horizontal-workspaces
redhat-upgrade-gnome-shell-extension-launch-new-instance
redhat-upgrade-gnome-shell-extension-native-window-placement
redhat-upgrade-gnome-shell-extension-no-hot-corner
redhat-upgrade-gnome-shell-extension-panel-favorites
redhat-upgrade-gnome-shell-extension-places-menu
redhat-upgrade-gnome-shell-extension-screenshot-window-sizer
redhat-upgrade-gnome-shell-extension-systemmonitor
redhat-upgrade-gnome-shell-extension-top-icons
redhat-upgrade-gnome-shell-extension-updates-dialog
redhat-upgrade-gnome-shell-extension-user-theme
redhat-upgrade-gnome-shell-extension-window-grouper
redhat-upgrade-gnome-shell-extension-window-list
redhat-upgrade-gnome-shell-extension-windowsnavigator
redhat-upgrade-gnome-shell-extension-workspace-indicator
redhat-upgrade-gnome-software
redhat-upgrade-gnome-software-debuginfo
redhat-upgrade-gnome-software-debugsource
redhat-upgrade-gnome-software-devel
redhat-upgrade-gsettings-desktop-schemas
redhat-upgrade-gsettings-desktop-schemas-devel
redhat-upgrade-gtk-update-icon-cache
redhat-upgrade-gtk-update-icon-cache-debuginfo
redhat-upgrade-gtk3
redhat-upgrade-gtk3-debuginfo
redhat-upgrade-gtk3-debugsource
redhat-upgrade-gtk3-devel
redhat-upgrade-gtk3-devel-debuginfo
redhat-upgrade-gtk3-immodule-xim
redhat-upgrade-gtk3-immodule-xim-debuginfo
redhat-upgrade-gtk3-immodules-debuginfo
redhat-upgrade-gtk3-tests-debuginfo
redhat-upgrade-libraw
redhat-upgrade-libraw-debuginfo
redhat-upgrade-libraw-debugsource
redhat-upgrade-libraw-devel
redhat-upgrade-libraw-samples-debuginfo
redhat-upgrade-mutter
redhat-upgrade-mutter-debuginfo
redhat-upgrade-mutter-debugsource
redhat-upgrade-mutter-devel
redhat-upgrade-mutter-tests-debuginfo
redhat-upgrade-vino
redhat-upgrade-vino-debuginfo
redhat-upgrade-vino-debugsource
redhat-upgrade-webkit2gtk3
redhat-upgrade-webkit2gtk3-debuginfo
redhat-upgrade-webkit2gtk3-debugsource
redhat-upgrade-webkit2gtk3-devel
redhat-upgrade-webkit2gtk3-devel-debuginfo
redhat-upgrade-webkit2gtk3-jsc
redhat-upgrade-webkit2gtk3-jsc-debuginfo
redhat-upgrade-webkit2gtk3-jsc-devel
redhat-upgrade-webkit2gtk3-jsc-devel-debuginfo

References

CVE-2021-21806
RHSA-2021:4381

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Red Hat: CVE-2021-21806: CVE-2021-21806 webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution (Multiple Advisories)

Red Hat: CVE-2021-21806: CVE-2021-21806 webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution (Multiple Advisories)

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.