Описание
Security update for chromium
This update to Chromium 62.0.3202.75 fixes the following security issues:
- CVE-2017-5124: UXSS with MHTML
- CVE-2017-5125: Heap overflow in Skia
- CVE-2017-5126: Use after free in PDFium
- CVE-2017-5127: Use after free in PDFium
- CVE-2017-5128: Heap overflow in WebGL
- CVE-2017-5129: Use after free in WebAudio
- CVE-2017-5132: Incorrect stack manipulation in WebAssembly.
- CVE-2017-5130: Heap overflow in libxml2
- CVE-2017-5131: Out of bounds write in Skia
- CVE-2017-5133: Out of bounds write in Skia
- CVE-2017-15386: UI spoofing in Blink
- CVE-2017-15387: Content security bypass
- CVE-2017-15388: Out of bounds read in Skia
- CVE-2017-15389: URL spoofing in OmniBox
- CVE-2017-15390: URL spoofing in OmniBox
- CVE-2017-15391: Extension limitation bypass in Extensions.
- CVE-2017-15392: Incorrect registry key handling in PlatformIntegration
- CVE-2017-15393: Referrer leak in Devtools
- CVE-2017-15394: URL spoofing in extensions UI
- CVE-2017-15395: Null pointer dereference in ImageCapture
- CVE-2017-15396: Stack overflow in V8
Список пакетов
openSUSE Leap 42.2
openSUSE Leap 42.3
Ссылки
- E-Mail link for openSUSE-SU-2017:2902-1
- SUSE Security Ratings
Описание
Incorrect implementation in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2017-15386
- SUSE Bug 1064066
- SUSE Bug 1064089
Описание
Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2017-15387
- SUSE Bug 1064066
- SUSE Bug 1064089
Описание
Iteration through non-finite points in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2017-15388
- SUSE Bug 1064066
- SUSE Bug 1064089
Описание
An insufficient watchdog timer in navigation in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2017-15389
- SUSE Bug 1064066
- SUSE Bug 1064089
Описание
Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.
Затронутые продукты
Ссылки
- CVE-2017-15390
- SUSE Bug 1064066
- SUSE Bug 1064089
Описание
Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to access Extension pages without authorisation via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2017-15391
- SUSE Bug 1064066
- SUSE Bug 1064089
Описание
Insufficient data validation in V8 in Google Chrome prior to 62.0.3202.62 allowed an attacker who can write to the Windows Registry to potentially exploit heap corruption via a crafted Windows Registry entry, related to PlatformIntegration.
Затронутые продукты
Ссылки
- CVE-2017-15392
- SUSE Bug 1064066
- SUSE Bug 1064089
Описание
Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to obtain access to remote debugging functionality via a crafted HTML page, aka a Referer leak.
Затронутые продукты
Ссылки
- CVE-2017-15393
- SUSE Bug 1064066
- SUSE Bug 1064089
Описание
Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform domain spoofing in permission dialogs via IDN homographs in a crafted Chrome Extension.
Затронутые продукты
Ссылки
- CVE-2017-15394
- SUSE Bug 1064066
- SUSE Bug 1064089
Описание
A use after free in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an ImageCapture NULL pointer dereference.
Затронутые продукты
Ссылки
- CVE-2017-15395
- SUSE Bug 1064066
- SUSE Bug 1064089
Описание
A stack buffer overflow in NumberingSystem in International Components for Unicode (ICU) for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2017-15396
- SUSE Bug 1065405
Описание
Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page.
Затронутые продукты
Ссылки
- CVE-2017-5124
- SUSE Bug 1064066
- SUSE Bug 1064089
Описание
Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2017-5125
- SUSE Bug 1064066
- SUSE Bug 1064089
Описание
A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Затронутые продукты
Ссылки
- CVE-2017-5126
- SUSE Bug 1064066
- SUSE Bug 1064089
Описание
Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Затронутые продукты
Ссылки
- CVE-2017-5127
- SUSE Bug 1064066
- SUSE Bug 1064089
Описание
Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, related to WebGL.
Затронутые продукты
Ссылки
- CVE-2017-5128
- SUSE Bug 1064066
- SUSE Bug 1064089
Описание
A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2017-5129
- SUSE Bug 1064066
- SUSE Bug 1064089
Описание
An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.
Затронутые продукты
Ссылки
- CVE-2017-5130
- SUSE Bug 1064066
- SUSE Bug 1064089
- SUSE Bug 1078806
- SUSE Bug 1123129
- SUSE Bug 1123919
Описание
An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an out-of-bounds write.
Затронутые продукты
Ссылки
- CVE-2017-5131
- SUSE Bug 1064066
- SUSE Bug 1064089
Описание
Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation.
Затронутые продукты
Ссылки
- CVE-2017-5132
- SUSE Bug 1064066
- SUSE Bug 1064089
Описание
Off-by-one read/write on the heap in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to corrupt memory and possibly leak information and potentially execute code via a crafted PDF file.
Затронутые продукты
Ссылки
- CVE-2017-5133
- SUSE Bug 1064066
- SUSE Bug 1064089