Описание
Security update for chromium
This update for chromium fixes the following issues:
- Chromium 125.0.6422.76 (boo#1224818)
- CVE-2024-5157: Use after free in Scheduling
- CVE-2024-5158: Type Confusion in V8
- CVE-2024-5159: Heap buffer overflow in ANGLE
- CVE-2024-5160: Heap buffer overflow in Dawn
- Various fixes from internal audits, fuzzing and other initiatives
Список пакетов
SUSE Package Hub 15 SP5
openSUSE Leap 15.5
Ссылки
- E-Mail link for openSUSE-SU-2024:0137-1
- SUSE Security Ratings
- SUSE Bug 1224818
- SUSE CVE CVE-2024-5157 page
- SUSE CVE CVE-2024-5158 page
- SUSE CVE CVE-2024-5159 page
- SUSE CVE CVE-2024-5160 page
Описание
Use after free in Scheduling in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-5157
- SUSE Bug 1224818
Описание
Type Confusion in V8 in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to potentially perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-5158
- SUSE Bug 1224818
Описание
Heap buffer overflow in ANGLE in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-5159
- SUSE Bug 1224818
Описание
Heap buffer overflow in Dawn in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2024-5160
- SUSE Bug 1224818