Описание
Security update for chromium
This update for chromium fixes the following issues:
Chromium 91.0.4472.101 (boo#1187141)
- CVE-2021-30544: Use after free in BFCache
- CVE-2021-30545: Use after free in Extensions
- CVE-2021-30546: Use after free in Autofill
- CVE-2021-30547: Out of bounds write in ANGLE
- CVE-2021-30548: Use after free in Loader
- CVE-2021-30549: Use after free in Spell check
- CVE-2021-30550: Use after free in Accessibility
- CVE-2021-30551: Type Confusion in V8
- CVE-2021-30552: Use after free in Extensions
- CVE-2021-30553: Use after free in Network service
- Various fixes from internal audits, fuzzing and other initiatives
Список пакетов
openSUSE Leap 15.2
Ссылки
- E-Mail link for openSUSE-SU-2021:0881-1
- SUSE Security Ratings
- SUSE Bug 1187141
- SUSE CVE CVE-2021-30544 page
- SUSE CVE CVE-2021-30545 page
- SUSE CVE CVE-2021-30546 page
- SUSE CVE CVE-2021-30547 page
- SUSE CVE CVE-2021-30548 page
- SUSE CVE CVE-2021-30549 page
- SUSE CVE CVE-2021-30550 page
- SUSE CVE CVE-2021-30551 page
- SUSE CVE CVE-2021-30552 page
- SUSE CVE CVE-2021-30553 page
Описание
Use after free in BFCache in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30544
- SUSE Bug 1187141
Описание
Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30545
- SUSE Bug 1187141
Описание
Use after free in Autofill in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30546
- SUSE Bug 1187141
Описание
Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30547
- SUSE Bug 1187141
- SUSE Bug 1188275
Описание
Use after free in Loader in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30548
- SUSE Bug 1187141
Описание
Use after free in Spell check in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30549
- SUSE Bug 1187141
Описание
Use after free in Accessibility in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30550
- SUSE Bug 1187141
Описание
Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30551
- SUSE Bug 1187141
Описание
Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30552
- SUSE Bug 1187141
Описание
Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30553
- SUSE Bug 1187141