Skip to main content
Skip table of contents

ISN 2023-31: Webkit Vulnerabilities

Updated 11 January 2024 (corrected OS 12 fix version)

First published 22 November 2023

CVSS 3.1: 8.8 (High)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

Security vulnerabilities have been found in the Webkit browser engine used in IGEL OS. This affects the following IGEL products:

  • IGEL OS 12
  • IGEL OS 11

Details

A vulnerability in Webkit allows a remote attacker to potentially execute arbitrary code using web content. This is tracked as CVE-2023-42852 and rated high. As second issue can lead to denial of service and is also triggered by web content (CVE-2023-41983, medium).

Update Instructions

  • OS 12: Update to base system app version 12.3.1 (available 6 February)
  • OS 11: Update to version 11.09.150 (available 6 December)

References

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.