Описание
Security update for chromium
This update for chromium fixes the following issues:
Chromium 96.0.4664.110 (boo#1193713):
- CVE-2021-4098: Insufficient data validation in Mojo
- CVE-2021-4099: Use after free in Swiftshader
- CVE-2021-4100: Object lifecycle issue in ANGLE
- CVE-2021-4101: Heap buffer overflow in Swiftshader
- CVE-2021-4102: Use after free in V8
Список пакетов
SUSE Package Hub 15 SP3
openSUSE Leap 15.3
Ссылки
- E-Mail link for openSUSE-SU-2021:1600-1
- SUSE Security Ratings
- SUSE Bug 1193713
- SUSE CVE CVE-2021-4098 page
- SUSE CVE CVE-2021-4099 page
- SUSE CVE CVE-2021-4100 page
- SUSE CVE CVE-2021-4101 page
- SUSE CVE CVE-2021-4102 page
Описание
Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-4098
- SUSE Bug 1193713
Описание
Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-4099
- SUSE Bug 1193713
Описание
Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-4100
- SUSE Bug 1193713
Описание
Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-4101
- SUSE Bug 1193713
Описание
Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-4102
- SUSE Bug 1193713