openSUSE-SU-2023:0237-1

Опубликовано: 28 авг. 2023

Источник: suse-cvrf

Описание

Security update for chromium

This update for chromium fixes the following issues:

Chromium 116.0.5845.110 (boo#1214487):

CVE-2023-4427: Out of bounds memory access in V8
CVE-2023-4428: Out of bounds memory access in CSS
CVE-2023-4429: Use after free in Loader
CVE-2023-4430: Use after free in Vulkan
CVE-2023-4431: Out of bounds memory access in Fonts

Список пакетов

SUSE Package Hub 15 SP4

chromedriver-116.0.5845.110-bp155.2.22.1

chromium-116.0.5845.110-bp155.2.22.1

SUSE Package Hub 15 SP5

chromedriver-116.0.5845.110-bp155.2.22.1

chromium-116.0.5845.110-bp155.2.22.1

openSUSE Leap 15.4

chromedriver-116.0.5845.110-bp155.2.22.1

chromium-116.0.5845.110-bp155.2.22.1

openSUSE Leap 15.5

chromedriver-116.0.5845.110-bp155.2.22.1

chromium-116.0.5845.110-bp155.2.22.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/H37YYMY3746JCGEKWXZITPFMBMSHFECF/
E-Mail link for openSUSE-SU-2023:0237-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1214487
SUSE Bug 1214487
https://www.suse.com/security/cve/CVE-2023-4427/
SUSE CVE CVE-2023-4427 page
https://www.suse.com/security/cve/CVE-2023-4428/
SUSE CVE CVE-2023-4428 page
https://www.suse.com/security/cve/CVE-2023-4429/
SUSE CVE CVE-2023-4429 page
https://www.suse.com/security/cve/CVE-2023-4430/
SUSE CVE CVE-2023-4430 page
https://www.suse.com/security/cve/CVE-2023-4431/
SUSE CVE CVE-2023-4431 page

Описание

Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

Затронутые продукты

SUSE Package Hub 15 SP4:chromedriver-116.0.5845.110-bp155.2.22.1

SUSE Package Hub 15 SP4:chromium-116.0.5845.110-bp155.2.22.1

SUSE Package Hub 15 SP5:chromedriver-116.0.5845.110-bp155.2.22.1

SUSE Package Hub 15 SP5:chromium-116.0.5845.110-bp155.2.22.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-4427.html
CVE-2023-4427
https://bugzilla.suse.com/1214487
SUSE Bug 1214487

Описание

Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

Затронутые продукты

SUSE Package Hub 15 SP4:chromedriver-116.0.5845.110-bp155.2.22.1

SUSE Package Hub 15 SP4:chromium-116.0.5845.110-bp155.2.22.1

SUSE Package Hub 15 SP5:chromedriver-116.0.5845.110-bp155.2.22.1

SUSE Package Hub 15 SP5:chromium-116.0.5845.110-bp155.2.22.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-4428.html
CVE-2023-4428
https://bugzilla.suse.com/1214487
SUSE Bug 1214487

Описание

Use after free in Loader in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Затронутые продукты

SUSE Package Hub 15 SP4:chromedriver-116.0.5845.110-bp155.2.22.1

SUSE Package Hub 15 SP4:chromium-116.0.5845.110-bp155.2.22.1

SUSE Package Hub 15 SP5:chromedriver-116.0.5845.110-bp155.2.22.1

SUSE Package Hub 15 SP5:chromium-116.0.5845.110-bp155.2.22.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-4429.html
CVE-2023-4429
https://bugzilla.suse.com/1214487
SUSE Bug 1214487

Описание

Use after free in Vulkan in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Затронутые продукты

SUSE Package Hub 15 SP4:chromedriver-116.0.5845.110-bp155.2.22.1

SUSE Package Hub 15 SP4:chromium-116.0.5845.110-bp155.2.22.1

SUSE Package Hub 15 SP5:chromedriver-116.0.5845.110-bp155.2.22.1

SUSE Package Hub 15 SP5:chromium-116.0.5845.110-bp155.2.22.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-4430.html
CVE-2023-4430
https://bugzilla.suse.com/1214487
SUSE Bug 1214487

Описание

Out of bounds memory access in Fonts in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

Затронутые продукты

SUSE Package Hub 15 SP4:chromedriver-116.0.5845.110-bp155.2.22.1

SUSE Package Hub 15 SP4:chromium-116.0.5845.110-bp155.2.22.1

SUSE Package Hub 15 SP5:chromedriver-116.0.5845.110-bp155.2.22.1

SUSE Package Hub 15 SP5:chromium-116.0.5845.110-bp155.2.22.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-4431.html
CVE-2023-4431
https://bugzilla.suse.com/1214487
SUSE Bug 1214487

openSUSE-SU-2023:0237-1

Описание

Список пакетов

SUSE Package Hub 15 SP4

SUSE Package Hub 15 SP5

openSUSE Leap 15.4

openSUSE Leap 15.5

Ссылки

Уязвимость: CVE-2023-4427

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2023-4428

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2023-4429

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2023-4430

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2023-4431

Описание

Затронутые продукты

Ссылки