Описание
Security update for chromium
This update for chromium fixes the following issues:
Chromium 114.0.5735.133 (boo#1212302):
- CVE-2023-3214: Use after free in Autofill payments
- CVE-2023-3215: Use after free in WebRTC
- CVE-2023-3216: Type Confusion in V8
- CVE-2023-3217: Use after free in WebXR
- Various fixes from internal audits, fuzzing and other initiatives
Список пакетов
SUSE Package Hub 15 SP4
openSUSE Leap 15.4
Ссылки
- E-Mail link for openSUSE-SU-2023:0132-1
- SUSE Security Ratings
- SUSE Bug 1212302
- SUSE CVE CVE-2023-3214 page
- SUSE CVE CVE-2023-3215 page
- SUSE CVE CVE-2023-3216 page
- SUSE CVE CVE-2023-3217 page
Описание
Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
Затронутые продукты
Ссылки
- CVE-2023-3214
- SUSE Bug 1212302
Описание
Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2023-3215
- SUSE Bug 1212302
Описание
Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2023-3216
- SUSE Bug 1212302
Описание
Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2023-3217
- SUSE Bug 1212302