CVE-2016-10226

Metadata

medium
5.0
webkit, webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src
CVE-2016-10226
cve.mitre.org, bugs.webkit.org
2017-04-03
2017-10-23 14:17
CVE-2016-10226 webkitgtk
2017-07-20 21:30
2017-06-16 19:17
2017-05-24 16:04
2017-05-10 23:46
2017-04-14 10:20
2017-04-04 02:03

Description

JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (bitfield out-of-bounds read and application crash) via crafted JavaScript code that is mishandled in the operatorString function, related to assembler/MacroAssemblerARM64.h, assembler/MacroAssemblerX86Common.h, and wasm/WasmB3IRGenerator.cpp.

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

None

Unaffected

Release Package Reason
precise webkit ignored
webkitgtk DNE
webkit2gtk DNE
qtwebkit-source ignored
qtwebkit-opensource-src DNE
precise/esm webkit DNE
webkitgtk DNE
webkit2gtk DNE
qtwebkit-source DNE
qtwebkit-opensource-src DNE
trusty webkit DNE
webkit2gtk DNE
vivid/ubuntu-core webkit DNE
webkitgtk DNE
webkit2gtk DNE
qtwebkit-source DNE
qtwebkit-opensource-src DNE
vivid/stable-phone-overlay webkit DNE
webkitgtk DNE
webkit2gtk DNE
qtwebkit-source DNE
qtwebkit-opensource-src DNE
xenial webkit DNE
webkitgtk not-affected
webkit2gtk not-affected
yakkety webkit DNE
webkitgtk not-affected
webkit2gtk not-affected
qtwebkit-source ignored
qtwebkit-opensource-src ignored
zesty webkit DNE
webkitgtk not-affected
webkit2gtk not-affected
artful webkit DNE
webkitgtk not-affected
webkit2gtk not-affected
devel webkit DNE
webkitgtk not-affected
webkit2gtk not-affected

Needs Triage

Release Package Reason
upstream webkit needs-triage
webkitgtk needs-triage
webkit2gtk needs-triage
qtwebkit-source needs-triage
qtwebkit-opensource-src needs-triage
trusty webkitgtk needs-triage
qtwebkit-source needs-triage
qtwebkit-opensource-src needs-triage
xenial qtwebkit-source needs-triage
qtwebkit-opensource-src needs-triage
zesty qtwebkit-source needs-triage
qtwebkit-opensource-src needs-triage
artful qtwebkit-source needs-triage
qtwebkit-opensource-src needs-triage
devel qtwebkit-source needs-triage
qtwebkit-opensource-src needs-triage