Description
Security update for chromium
This update for Chromium to version 69.0.3497.81 fixes multiple issues.
Security issues fixed (boo#1107235):
- CVE-2018-16065: Out of bounds write in V8
- CVE-2018-16066: Out of bounds read in Blink
- CVE-2018-16067: Out of bounds read in WebAudio
- CVE-2018-16068: Out of bounds write in Mojo
- CVE-2018-16069: Out of bounds read in SwiftShader
- CVE-2018-16070: Integer overflow in Skia
- CVE-2018-16071: Use after free in WebRTC
- CVE-2018-16073: Site Isolation bypass after tab restore
- CVE-2018-16074: Site Isolation bypass using Blob URLs
- Out of bounds read in Little-CMS
- CVE-2018-16075: Local file access in Blink
- CVE-2018-16076: Out of bounds read in PDFium
- CVE-2018-16077: Content security policy bypass in Blink
- CVE-2018-16078: Credit card information leak in Autofill
- CVE-2018-16079: URL spoof in permission dialogs
- CVE-2018-16080: URL spoof in full screen mode
- CVE-2018-16081: Local file access in DevTools
- CVE-2018-16082: Stack buffer overflow in SwiftShader
- CVE-2018-16083: Out of bounds read in WebRTC
- CVE-2018-16084: User confirmation bypass in external protocol handling
- CVE-2018-16085: Use after free in Memory Instrumentation
- CVE-2017-15430: Unsafe navigation in Chromecast (boo#1106341)
- CVE-2018-16086: Script injection in New Tab Page
- CVE-2018-16087: Multiple download restriction bypass
- CVE-2018-16088: User gesture requirement bypass
The re2 regular expression library was updated to the current version 2018-09-01.
Package list
SUSE Package Hub for SUSE Linux Enterprise 12
SUSE Package Hub for SUSE Linux Enterprise 15
References
- E-Mail link for openSUSE-SU-2018:2659-1
- SUSE Security Ratings
Description
Unsafe navigation in Chromecast in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Affected products
References
- CVE-2017-15430
- SUSE Bug 1071691
- SUSE Bug 1106341
Description
A JavaScript reentrancy issue that caused a use-after-free in V8 in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Affected products
References
- CVE-2018-16065
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
A use after free in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Affected products
References
- CVE-2018-16066
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Affected products
References
- CVE-2018-16067
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
Affected products
References
- CVE-2018-16068
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Affected products
References
- CVE-2018-16069
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Affected products
References
- CVE-2018-16070
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
Affected products
References
- CVE-2018-16071
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Affected products
References
- CVE-2018-16073
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Affected products
References
- CVE-2018-16074
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Affected products
References
- CVE-2018-16075
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
Missing bounds check in PDFium in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
Affected products
References
- CVE-2018-16076
- SUSE Bug 1107235
- SUSE Bug 1110628
Description
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Affected products
References
- CVE-2018-16077
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
Unsafe handling of credit card details in Autofill in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Affected products
References
- CVE-2018-16078
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
A race condition between permission prompts and navigations in Prompts in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Affected products
References
- CVE-2018-16079
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
A missing check for popup window handling in Fullscreen in Google Chrome on macOS prior to 69.0.3497.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Affected products
References
- CVE-2018-16080
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
Allowing the chrome.debugger API to run on file:// URLs in DevTools in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system without file access permission via a crafted Chrome Extension.
Affected products
References
- CVE-2018-16081
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
An out of bounds read in SwiftShader in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
Affected products
References
- CVE-2018-16082
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
An out of bounds read in forward error correction code in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
Affected products
References
- CVE-2018-16083
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
The default selected dialog button in CustomHandlers in Google Chrome prior to 69.0.3497.81 allowed a remote attacker who convinced the user to perform certain operations to open external programs via a crafted HTML page.
Affected products
References
- CVE-2018-16084
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
A use after free in ResourceCoordinator in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Affected products
References
- CVE-2018-16085
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Affected products
References
- CVE-2018-16086
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
Lack of proper state tracking in Permissions in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Affected products
References
- CVE-2018-16087
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235
Description
A missing check for JS-simulated input events in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to download arbitrary files with no user input via a crafted HTML page.
Affected products
References
- CVE-2018-16088
- SUSE Bug 1086124
- SUSE Bug 1102530
- SUSE Bug 1107235