Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2023:0093-1

Опубликовано: 24 апр. 2023
Источник: suse-cvrf

Описание

Security update for chromium

This update for chromium fixes the following issues:

Chromium 112.0.5615.165 (boo#1210618):

  • CVE-2023-2133: Out of bounds memory access in Service Worker API
  • CVE-2023-2134: Out of bounds memory access in Service Worker API
  • CVE-2023-2135: Use after free in DevTools
  • CVE-2023-2136: Integer overflow in Skia
  • CVE-2023-2137: Heap buffer overflow in sqlite

Список пакетов

SUSE Package Hub 15 SP4
chromedriver-112.0.5615.165-bp154.2.84.1
chromium-112.0.5615.165-bp154.2.84.1
openSUSE Leap 15.4
chromedriver-112.0.5615.165-bp154.2.84.1
chromium-112.0.5615.165-bp154.2.84.1

Ссылки

Описание

Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-112.0.5615.165-bp154.2.84.1
SUSE Package Hub 15 SP4:chromium-112.0.5615.165-bp154.2.84.1
openSUSE Leap 15.4:chromedriver-112.0.5615.165-bp154.2.84.1
openSUSE Leap 15.4:chromium-112.0.5615.165-bp154.2.84.1
Ссылки

Описание

Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-112.0.5615.165-bp154.2.84.1
SUSE Package Hub 15 SP4:chromium-112.0.5615.165-bp154.2.84.1
openSUSE Leap 15.4:chromedriver-112.0.5615.165-bp154.2.84.1
openSUSE Leap 15.4:chromium-112.0.5615.165-bp154.2.84.1
Ссылки

Описание

Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-112.0.5615.165-bp154.2.84.1
SUSE Package Hub 15 SP4:chromium-112.0.5615.165-bp154.2.84.1
openSUSE Leap 15.4:chromedriver-112.0.5615.165-bp154.2.84.1
openSUSE Leap 15.4:chromium-112.0.5615.165-bp154.2.84.1
Ссылки

Описание

Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-112.0.5615.165-bp154.2.84.1
SUSE Package Hub 15 SP4:chromium-112.0.5615.165-bp154.2.84.1
openSUSE Leap 15.4:chromedriver-112.0.5615.165-bp154.2.84.1
openSUSE Leap 15.4:chromium-112.0.5615.165-bp154.2.84.1
Ссылки

Описание

Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Затронутые продукты
SUSE Package Hub 15 SP4:chromedriver-112.0.5615.165-bp154.2.84.1
SUSE Package Hub 15 SP4:chromium-112.0.5615.165-bp154.2.84.1
openSUSE Leap 15.4:chromedriver-112.0.5615.165-bp154.2.84.1
openSUSE Leap 15.4:chromium-112.0.5615.165-bp154.2.84.1
Ссылки