Описание
Security update for chromium
This update for chromium fixes the following issues:
- Chromium 102.0.5005.115 (boo#1200423)
- CVE-2022-2007: Use after free in WebGPU
- CVE-2022-2008: Out of bounds memory access in WebGL
- CVE-2022-2010: Out of bounds read in compositing
- CVE-2022-2011: Use after free in ANGLE
Список пакетов
SUSE Package Hub 15 SP4
chromedriver-102.0.5005.115-bp154.2.8.1
chromium-102.0.5005.115-bp154.2.8.1
openSUSE Leap 15.4
chromedriver-102.0.5005.115-bp154.2.8.1
chromium-102.0.5005.115-bp154.2.8.1
Ссылки
- E-Mail link for openSUSE-SU-2022:10010-1
- SUSE Security Ratings
- SUSE Bug 1200139
- SUSE Bug 1200423
- SUSE CVE CVE-2022-2007 page
- SUSE CVE CVE-2022-2008 page
- SUSE CVE CVE-2022-2010 page
- SUSE CVE CVE-2022-2011 page
Описание
Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-102.0.5005.115-bp154.2.8.1
SUSE Package Hub 15 SP4:chromium-102.0.5005.115-bp154.2.8.1
openSUSE Leap 15.4:chromedriver-102.0.5005.115-bp154.2.8.1
openSUSE Leap 15.4:chromium-102.0.5005.115-bp154.2.8.1
Ссылки
- CVE-2022-2007
- SUSE Bug 1200423
Описание
Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-102.0.5005.115-bp154.2.8.1
SUSE Package Hub 15 SP4:chromium-102.0.5005.115-bp154.2.8.1
openSUSE Leap 15.4:chromedriver-102.0.5005.115-bp154.2.8.1
openSUSE Leap 15.4:chromium-102.0.5005.115-bp154.2.8.1
Ссылки
- CVE-2022-2008
- SUSE Bug 1200423
Описание
Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-102.0.5005.115-bp154.2.8.1
SUSE Package Hub 15 SP4:chromium-102.0.5005.115-bp154.2.8.1
openSUSE Leap 15.4:chromedriver-102.0.5005.115-bp154.2.8.1
openSUSE Leap 15.4:chromium-102.0.5005.115-bp154.2.8.1
Ссылки
- CVE-2022-2010
- SUSE Bug 1200423
Описание
Use after free in ANGLE in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-102.0.5005.115-bp154.2.8.1
SUSE Package Hub 15 SP4:chromium-102.0.5005.115-bp154.2.8.1
openSUSE Leap 15.4:chromedriver-102.0.5005.115-bp154.2.8.1
openSUSE Leap 15.4:chromium-102.0.5005.115-bp154.2.8.1
Ссылки
- CVE-2022-2011
- SUSE Bug 1200423