Vulnerability CVE-2021-42762

Vulnerability Name:

CVE-2021-42762 (CCN-211772)

Assigned:

2021-10-20

Published:

2021-10-20

Updated:

2021-11-26

Summary:

BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined.
Note: this is similar to CVE-2021-41133.

CVSS v3 Severity:

5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)
4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

6.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L)
5.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

4.3 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-Other

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2021-42762

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20211026 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006

Source: CCN
Type: WebKit Bugzilla Bug 231479
(CVE-2021-42762) - [WPE][GTK] Limited sandbox escape via VFS syscalls

Source: MISC
Type: Exploit, Issue Tracking, Vendor Advisory
https://bugs.webkit.org/show_bug.cgi?id=231479

Source: XF
Type: UNKNOWN
webkit-cve202142762-sec-bypass(211772)

Source: MISC
Type: Third Party Advisory
https://github.com/flatpak/flatpak/security/advisories/GHSA-67h7-w3jq-vh4q

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-483d896d1d

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-db6ebb2d68

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-131360fa9a

Source: CCN
Type: WebKit Web site
WebKitGTK and WPE WebKit

Source: DEBIAN
Type: Third Party Advisory
DSA-4995

Source: DEBIAN
Type: Third Party Advisory
DSA-4996

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2021-42762

Vulnerable Configuration:

Configuration 1:

cpe:/a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:* (Version < 2.34.1)

OR cpe:/a:wpewebkit:wpe_webkit:*:*:*:*:*:*:*:* (Version < 2.34.1)

Configuration 2:

cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:35:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:8033	P	libjavascriptcoregtk-5_0-0-2.38.6-150400.4.39.1 on GA media (Moderate)	2023-06-20
oval:org.opensuse.security:def:7603	P	libjavascriptcoregtk-4_0-18-2.38.6-150400.4.39.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7941	P	libjavascriptcoregtk-4_1-0-2.38.6-150400.4.39.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:51985	P	Security update for haproxy (Important)	2023-01-26
oval:org.opensuse.security:def:802	P	Security update for squid (Important)	2022-10-06
oval:org.opensuse.security:def:3703	P	Security update for crash (Important) (in QA)	2022-07-21
oval:org.opensuse.security:def:95426	P	Security update for xorg-x11-server (Important)	2022-07-12
oval:org.opensuse.security:def:3018	P	augeas-1.10.1-2.6 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3320	P	pam_yubico-2.26-1.25 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3401	P	xen-4.12.1_06-1.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3520	P	gvim-7.4.326-17.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94648	P	libjavascriptcoregtk-4_0-18-2.36.0-150400.2.13 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94632	P	libcryptopp-devel-8.6.0-150400.1.6 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94950	P	libjavascriptcoregtk-4_1-0-2.36.0-150400.2.13 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94812	P	python3-setuptools-44.1.1-150400.1.4 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95031	P	libjavascriptcoregtk-5_0-0-2.36.0-150400.2.12 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:100075	P	(Moderate)	2022-02-04
oval:org.opensuse.security:def:99764	P	(Important)	2022-01-17
oval:org.opensuse.security:def:99171	P	(Moderate)	2021-12-07
oval:org.opensuse.security:def:102139	P	Security update for python-Babel (Important)	2021-12-06
oval:org.opensuse.security:def:33743	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:59566	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:88538	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:29449	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:55272	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:84240	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:126797	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:106741	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:92814	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:9060	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:69955	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:31708	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:57531	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:86690	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:23712	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:82656	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:106056	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:10175	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:92221	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:34001	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:59824	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:89221	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:30151	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:55974	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:84698	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:127194	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:9421	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:70315	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:99366	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:32226	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:58049	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:87511	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:23997	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:51700	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:83358	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:106255	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:10366	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:92416	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:8674	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:69561	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:34596	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:60419	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:89479	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:30271	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:56094	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:85774	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:105666	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:9616	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:70506	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:99565	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:33047	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:58870	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:88221	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:26172	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:83478	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:125630	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:106454	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:92615	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:8865	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:69756	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:98976	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:31310	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:57133	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:86172	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:5159	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:105861	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:9815	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:92026	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:111124	P	Security update for webkit2gtk3 (Important)	2021-11-06
oval:org.opensuse.security:def:73914	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:64792	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:76371	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:117525	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:6214	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:67303	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:108011	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:74324	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:111770	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:101735	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:4167	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:65256	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:117705	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:101345	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:108191	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:74388	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:4231	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:65320	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:73731	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:101525	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:64609	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:108805	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:76035	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:1044	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:5878	P	Security update for webkit2gtk3 (Important)	2021-11-03
oval:org.opensuse.security:def:66967	P	Security update for webkit2gtk3 (Important)	2021-11-03

BACK