+ Linux kernel 4.18.10, 4.14.72, 4.9.129, 4.4.158, 3.18.123 released
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.10
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.72
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.129
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.158
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.123
+ WebKit WebCore::SVGTextLayoutAttributes::context Use-After-Free
https://cxsecurity.com/issue/WLB-2018090242
CVE-2018-4318
+ WebKit WebCore::InlineTextBox::paint Out-Of-Bounds Read
https://cxsecurity.com/issue/WLB-2018090241
CVE-2018-4328
+ WebKit WebCore::RenderMultiColumnSet::updateMinimumColumnHeight Use-After-Free
https://cxsecurity.com/issue/WLB-2018090240
CVE-2018-4323
+ WebKit WebCore::RenderLayer::updateDescendantDependentFlags Use-After-Free
https://cxsecurity.com/issue/WLB-2018090239
CVE-2018-4317
+ WebKit WebCore::SVGAnimateElementBase::resetAnimatedType Use-After-Free
https://cxsecurity.com/issue/WLB-2018090238
CVE-2018-4314
+ WebKit WebCore::SVGTRefElement::updateReferencedText Use-After-Free
https://cxsecurity.com/issue/WLB-2018090237
CVE-2018-4315
+ WebKit WebCore::AXObjectCache::handleMenuItemSelected Use-After-Free
https://cxsecurity.com/issue/WLB-2018090236
CVE-2018-4312
+ WebKit WebCore::Node::ensureRareData Use-After-Free
https://cxsecurity.com/issue/WLB-2018090235
CVE-2018-4306
+ WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded Use-After-Free
https://cxsecurity.com/issue/WLB-2018090234
CVE-2018-4197
VU#581311 TP-Link EAP Controller lacks RMI authentication and is vulnerable to deserialization attacks
https://www.kb.cert.org/vuls/id/581311
0 件のコメント:
コメントを投稿