高危 libwebp 缓冲区溢出代码执行漏洞(CVE-2023-4863)
CVE编号
CVE-2023-4863利用情况
POC 已公开补丁情况
官方补丁披露时间
2023-09-12漏洞描述
由于 Google Chrome 中的 WebP 组件存在边界错误,远程攻击者可以诱骗受害者访问恶意网站,触发基于堆的缓冲区溢出并在目标系统上执行任意代码。解决建议
升级libwebp至1.3.2及以上版本受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 应用 | chrome | * | Up to (excluding) 116.0.5845.187 | ||||||
| 运行在以下环境 | |||||||||
| 应用 | microsoft | edge | * | Up to (excluding) 117.0.2045.31 | |||||
| 运行在以下环境 | |||||||||
| 应用 | mozilla | firefox | * | Up to (excluding) 117.0.1 | |||||
| 运行在以下环境 | |||||||||
| 应用 | mozilla | firefox_esr | * | Up to (excluding) 102.15.1 | |||||
| 运行在以下环境 | |||||||||
| 应用 | mozilla | firefox_esr | * | From (including) 115.0 | Up to (excluding) 115.2.1 | ||||
| 运行在以下环境 | |||||||||
| 应用 | mozilla | thunderbird | * | Up to (excluding) 102.15.1 | |||||
| 运行在以下环境 | |||||||||
| 应用 | mozilla | thunderbird | * | From (including) 115.0 | Up to (excluding) 115.2.2 | ||||
| 运行在以下环境 | |||||||||
| 应用 | webmproject | libwebp | * | Up to (excluding) 1.3.2 | |||||
| 运行在以下环境 | |||||||||
| 系统 | alpine_3.15 | libwebp | * | Up to (excluding) 1.2.2-r2 | |||||
| 运行在以下环境 | |||||||||
| 系统 | alpine_3.16 | libwebp | * | Up to (excluding) 1.2.3-r2 | |||||
| 运行在以下环境 | |||||||||
| 系统 | alpine_3.17 | libwebp | * | Up to (excluding) 1.2.4-r3 | |||||
| 运行在以下环境 | |||||||||
| 系统 | alpine_3.18 | firefox-esr | * | Up to (excluding) 5.15.9_git20230407-r2 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amazon_2 | firefox | * | Up to (excluding) 102.15.1-1.amzn2.0.1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amazon_2023 | libwebp | * | Up to (excluding) 1.2.4-1.amzn2023.0.6 | |||||
| 运行在以下环境 | |||||||||
| 系统 | anolis_os_23 | libwebp-devel | * | Up to (excluding) 1.3.2-1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | anolis_os_8 | firefox | * | Up to (excluding) 1.2.0-7.0.1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_10 | chromium | * | Up to (including) 90.0.4430.212-1~deb10u1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_11 | chromium | * | Up to (excluding) 117.0.5938.62-1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_12 | chromium | * | Up to (excluding) 117.0.5938.62-1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | fedora_37 | chromium-headless | * | Up to (excluding) 1.3.1-3.fc37 | |||||
| 运行在以下环境 | |||||||||
| 系统 | fedora_38 | chromium-headless | * | Up to (excluding) 1.3.1-3.fc38 | |||||
| 运行在以下环境 | |||||||||
| 系统 | fedora_39 | chromium-headless | * | Up to (excluding) 1.3.1-3.fc39 | |||||
| 运行在以下环境 | |||||||||
| 系统 | fedora_40 | libwebp-tools | * | Up to (excluding) 1.3.1-3.fc40 | |||||
| 运行在以下环境 | |||||||||
| 系统 | fedora_EPEL_7 | seamonkey | * | Up to (excluding) 117.0.5938.132-1.el7 | |||||
| 运行在以下环境 | |||||||||
| 系统 | fedora_EPEL_8 | chromium-headless | * | Up to (excluding) 117.0.5938.132-1.el8 | |||||
| 运行在以下环境 | |||||||||
| 系统 | fedora_EPEL_9 | chromium-headless | * | Up to (excluding) 117.0.5938.132-1.el9 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_aarch64_V10 | firefox | * | Up to (excluding) 1.1.0-5.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_aarch64_V10HPC | firefox | * | Up to (excluding) 1.1.0-5.ky10h | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_aarch64_V10SP1 | libwebp | * | Up to (excluding) 1.1.0-5.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_aarch64_V10SP2 | libwebp | * | Up to (excluding) 1.1.0-5.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_aarch64_V10SP3 | libwebp | * | Up to (excluding) 1.1.0-5.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_loongarch64_V10SP1 | libwebp | * | Up to (excluding) 1.1.0-5.a.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_loongarch64_V10SP3 | libwebp | * | Up to (excluding) 1.1.0-5.a.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_x86_64_V10 | firefox | * | Up to (excluding) 1.1.0-5.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_x86_64_V10HPC | firefox | * | Up to (excluding) 1.1.0-5.ky10h | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_x86_64_V10SP1 | libwebp | * | Up to (excluding) 1.1.0-5.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_x86_64_V10SP2 | libwebp | * | Up to (excluding) 1.1.0-5.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_x86_64_V10SP3 | libwebp | * | Up to (excluding) 1.1.0-5.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | opensuse_Leap_15.4 | chromium | * | Up to (excluding) 116.0.5845.187-bp155.2.34.1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | opensuse_Leap_15.5 | chromium | * | Up to (excluding) 2.53.17.1-bp155.2.3.1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | oracle_7 | oraclelinux-release | * | Up to (excluding) 102.15.1-1.0.1.el7_9 | |||||
| 运行在以下环境 | |||||||||
| 系统 | oracle_8 | oraclelinux-release | * | Up to (excluding) 1.0.0-8.el8_8.1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | oracle_9 | oraclelinux-release | * | Up to (excluding) 1.2.0-7.el9_2 | |||||
| 运行在以下环境 | |||||||||
| 系统 | redhat_7 | firefox-debuginfo | * | Up to (excluding) 102.15.1-1.el7_9 | |||||
| 运行在以下环境 | |||||||||
| 系统 | redhat_8 | firefox-debugsource | * | Up to (excluding) 1.0.0-8.el8_8.1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | redhat_9 | firefox-debugsource | * | Up to (excluding) 1.2.0-7.el9_2 | |||||
| 运行在以下环境 | |||||||||
| 系统 | suse_12_SP5 | libwebp5 | * | Up to (excluding) 115.2.1-112.179.1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | ubuntu_20.04 | thunderbird | * | Up to (excluding) 0.6.1-2ubuntu0.20.04.3 | |||||
| 运行在以下环境 | |||||||||
| 系统 | ubuntu_22.04 | libwebp | * | Up to (excluding) 1.2.2-2ubuntu0.22.04.2 | |||||
- 攻击路径 远程
- 攻击复杂度 复杂
- 权限要求 普通权限
- 影响范围 全局影响
- EXP成熟度 POC 已公开
- 补丁情况 官方补丁
- 数据保密性 数据泄露
- 数据完整性 无影响
- 服务器危害 服务器失陷
- 全网数量 100000+
| CWE-ID | 漏洞类型 |
| CWE-787 | 跨界内存写 |
Exp相关链接
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论