Описание
Security update for chromium
This update for chromium fixes the following issues:
Update to 89.0.4389.114 boo#1184256
- CVE-2021-21194: Use after free in screen capture
- CVE-2021-21195: Use after free in V8
- CVE-2021-21196: Heap buffer overflow in TabStrip
- CVE-2021-21197: Heap buffer overflow in TabStrip
- CVE-2021-21198: Out of bounds read in IPC
- CVE-2021-21199: Use Use after free in Aura
Список пакетов
openSUSE Leap 15.2
Ссылки
- E-Mail link for openSUSE-SU-2021:0513-1
- SUSE Security Ratings
- SUSE Bug 1184256
- SUSE CVE CVE-2021-21194 page
- SUSE CVE CVE-2021-21195 page
- SUSE CVE CVE-2021-21196 page
- SUSE CVE CVE-2021-21197 page
- SUSE CVE CVE-2021-21198 page
- SUSE CVE CVE-2021-21199 page
Описание
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-21194
- SUSE Bug 1184256
Описание
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-21195
- SUSE Bug 1184256
Описание
Heap buffer overflow in TabStrip in Google Chrome on Windows prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-21196
- SUSE Bug 1184256
Описание
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-21197
- SUSE Bug 1184256
Описание
Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-21198
- SUSE Bug 1184256
Описание
Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-21199
- SUSE Bug 1184256