Описание
Security update for Chromium
Chromium was updated to 51.0.2704.79 to fix a number of security issues. [boo#982719]
- CVE-2016-1696: Cross-origin bypass in Extension bindings
- CVE-2016-1697: Cross-origin bypass in Blink
- CVE-2016-1698: Information leak in Extension bindings
- CVE-2016-1699: Parameter sanitization failure in DevTools
- CVE-2016-1700: Use-after-free in Extensions
- CVE-2016-1701: Use-after-free in Autofill
- CVE-2016-1702: Out-of-bounds read in Skia
- CVE-2016-1703: Various fixes from internal audits, fuzzing and other initiatives
Список пакетов
openSUSE Leap 42.1
Ссылки
- Link for SUSE-SU-2016:1489-1
- E-Mail link for SUSE-SU-2016:1489-1
- SUSE Security Ratings
Описание
The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
Затронутые продукты
Ссылки
- CVE-2016-1696
- SUSE Bug 982719
Описание
The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.
Затронутые продукты
Ссылки
- CVE-2016-1697
- SUSE Bug 982719
Описание
The createCustomType function in extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.79 does not validate module types, which might allow attackers to load arbitrary modules or obtain sensitive information by leveraging a poisoned definition.
Затронутые продукты
Ссылки
- CVE-2016-1698
- SUSE Bug 982719
Описание
WebKit/Source/devtools/front_end/devtools.js in the Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 51.0.2704.79, does not ensure that the remoteFrontendUrl parameter is associated with a chrome-devtools-frontend.appspot.com URL, which allows remote attackers to bypass intended access restrictions via a crafted URL.
Затронутые продукты
Ссылки
- CVE-2016-1699
- SUSE Bug 982719
Описание
extensions/renderer/runtime_custom_bindings.cc in Google Chrome before 51.0.2704.79 does not consider side effects during creation of an array of extension views, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to extensions.
Затронутые продукты
Ссылки
- CVE-2016-1700
- SUSE Bug 982719
Описание
The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1690.
Затронутые продукты
Ссылки
- CVE-2016-1701
- SUSE Bug 982719
Описание
The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted serialized data.
Затронутые продукты
Ссылки
- CVE-2016-1702
- SUSE Bug 982719
Описание
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Затронутые продукты
Ссылки
- CVE-2016-1703
- SUSE Bug 982719