NVD Published Date: 03/11/2025
NVD Last Modified: 03/14/2025
Preface: WebKit is a web browser engine used by Safari and other applications across various platforms like macOS, iOS, Linux, and Windows. It processes web content, including JavaScript, HTML, and CSS.
Background: The Web Content sandbox is a security feature within WebKit that isolates web content from the rest of the system. This means that any potentially harmful web content, such as malicious scripts, is contained within a restricted environment, preventing it from affecting other parts of the system. This sandboxing helps protect users from vulnerabilities and exploits that could arise from visiting compromised websites.
The Web Content sandbox in WebKit uses several shared libraries (.so files) to function properly. These libraries are essential for various operations within the sandboxed environment. Some common libraries that might be involved include:
- libwebkit2gtk-4.0.so: This is the main WebKit library for GTK-based applications.
- libjavascriptcoregtk-4.0.so: This library handles JavaScript execution within WebKit.
- libWPEWebKit.so: Used in WebKit for embedded systems.
- libWPEBackend-fdo-1.0.so: Provides backend functionality for WebKit on embedded system.
These libraries help ensure that web content is processed securely and efficiently within the sandbox.
Vulnerability details: An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).
Official announcement: Please refer to the following link for details – https://nvd.nist.gov/vuln/detail/CVE-2025-24201