Описание
Security update for chromium
This update for chromium fixes the following issues:
Chromium 116.0.5845.179 (boo#1215023):
- CVE-2023-4761: Out of bounds memory access in FedCM
- CVE-2023-4762: Type Confusion in V8
- CVE-2023-4763: Use after free in Networks
- CVE-2023-4764: Incorrect security UI in BFCache
Список пакетов
SUSE Package Hub 15 SP4
SUSE Package Hub 15 SP5
openSUSE Leap 15.4
openSUSE Leap 15.5
Ссылки
- E-Mail link for openSUSE-SU-2023:0245-1
- SUSE Security Ratings
- SUSE Bug 1215023
- SUSE CVE CVE-2023-4761 page
- SUSE CVE CVE-2023-4762 page
- SUSE CVE CVE-2023-4763 page
- SUSE CVE CVE-2023-4764 page
Описание
Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2023-4761
- SUSE Bug 1215023
Описание
Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2023-4762
- SUSE Bug 1215023
Описание
Use after free in Networks in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2023-4763
- SUSE Bug 1215023
Описание
Incorrect security UI in BFCache in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2023-4764
- SUSE Bug 1215023