CVE-2017-7006

Priority
Medium
Description
An issue was discovered in certain Apple products. iOS before 10.3.3 is
affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected.
The issue involves the "WebKit" component. It allows remote attackers to
conduct a timing side-channel attack to bypass the Same Origin Policy and
obtain sensitive information via a crafted web site that uses SVG filters.
References
Package
Upstream:needs-triage
Ubuntu 17.10 (Artful Aardvark):needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 17.04 (Zesty Zapus):needs-triage
Patches:
Package
Upstream:released (2.16.2)
Ubuntu 17.10 (Artful Aardvark):not-affected (2.16.6-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (2.16.3-0ubuntu0.16.04.1)
Ubuntu 17.04 (Zesty Zapus):not-affected (2.16.3-0ubuntu0.17.04.1)
Package
Upstream:needs-triage
Ubuntu 17.10 (Artful Aardvark):needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 17.04 (Zesty Zapus):needs-triage
Package
Upstream:needs-triage
Ubuntu 17.10 (Artful Aardvark):needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 17.04 (Zesty Zapus):needs-triage
More Information

Updated: 2017-08-11 23:26:15 UTC (commit 13081)