Описание
Security update for chromium
This update for chromium fixes the following issues:
Chromium 91.0.4472.114 (boo#1187481)
- CVE-2021-30554: Use after free in WebGL
- CVE-2021-30555: Use after free in Sharing
- CVE-2021-30556: Use after free in WebAudio
- CVE-2021-30557: Use after free in TabGroups
- CVE-2021-30544: Use after free in BFCache
- CVE-2021-30545: Use after free in Extensions
- CVE-2021-30546: Use after free in Autofill
- CVE-2021-30547: Out of bounds write in ANGLE
- CVE-2021-30548: Use after free in Loader
- CVE-2021-30549: Use after free in Spell check
- CVE-2021-30550: Use after free in Accessibility
- CVE-2021-30551: Type Confusion in V8
- CVE-2021-30552: Use after free in Extensions
- CVE-2021-30553: Use after free in Network service
- Fix use-after-free in SendTabToSelfSubMenuModel
- Destroy system-token NSSCertDatabase on the IO thread
- Various fixes from internal audits, fuzzing and other initiatives
Список пакетов
SUSE Package Hub 15 SP3
openSUSE Leap 15.3
Ссылки
- E-Mail link for openSUSE-SU-2021:0938-1
- SUSE Security Ratings
- SUSE Bug 1187141
- SUSE Bug 1187481
- SUSE CVE CVE-2021-30544 page
- SUSE CVE CVE-2021-30545 page
- SUSE CVE CVE-2021-30546 page
- SUSE CVE CVE-2021-30547 page
- SUSE CVE CVE-2021-30548 page
- SUSE CVE CVE-2021-30549 page
- SUSE CVE CVE-2021-30550 page
- SUSE CVE CVE-2021-30551 page
- SUSE CVE CVE-2021-30552 page
- SUSE CVE CVE-2021-30553 page
- SUSE CVE CVE-2021-30554 page
- SUSE CVE CVE-2021-30555 page
- SUSE CVE CVE-2021-30556 page
- SUSE CVE CVE-2021-30557 page
Описание
Use after free in BFCache in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30544
- SUSE Bug 1187141
Описание
Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30545
- SUSE Bug 1187141
Описание
Use after free in Autofill in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30546
- SUSE Bug 1187141
Описание
Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30547
- SUSE Bug 1187141
- SUSE Bug 1188275
Описание
Use after free in Loader in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30548
- SUSE Bug 1187141
Описание
Use after free in Spell check in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30549
- SUSE Bug 1187141
Описание
Use after free in Accessibility in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30550
- SUSE Bug 1187141
Описание
Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30551
- SUSE Bug 1187141
Описание
Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30552
- SUSE Bug 1187141
Описание
Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30553
- SUSE Bug 1187141
Описание
Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30554
- SUSE Bug 1187481
Описание
Use after free in Sharing in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page and user gesture.
Затронутые продукты
Ссылки
- CVE-2021-30555
- SUSE Bug 1187481
Описание
Use after free in WebAudio in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30556
- SUSE Bug 1187481
Описание
Use after free in TabGroups in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30557
- SUSE Bug 1187481