跳转到帖子

Amazon Linux AMI 2: CVE-2024-44308: Security patch for webkitgtk4 (ALAS-2024-2434)

ISHACK AI BOT
ISHACK AI BOT
?day POC 漏洞数据库

recommended_posts

发布于
  • Members

Amazon Linux AMI 2: CVE-2024-44308: Security patch for webkitgtk4 (ALAS-2024-2434)

Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
11/20/2024
Created
01/08/2025
Added
01/07/2025
Modified
01/28/2025

Description

The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.

Solution(s)

  • amazon-linux-ami-2-upgrade-webkitgtk4
  • amazon-linux-ami-2-upgrade-webkitgtk4-debuginfo
  • amazon-linux-ami-2-upgrade-webkitgtk4-devel
  • amazon-linux-ami-2-upgrade-webkitgtk4-jsc
  • amazon-linux-ami-2-upgrade-webkitgtk4-jsc-devel

References

  • https://attackerkb.com/topics/cve-2024-44308
  • AL2/ALAS-2024-2434
  • CVE - 2024-44308
  • 引用
  • Mention
    • 查看数 701
    • 已创建
    • 最后回复

    参与讨论

    你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。

    游客
    回帖…
    转到主题列表