Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2024:0417-1

Опубликовано: 28 дек. 2024
Источник: suse-cvrf

Описание

Security update for chromium

This security update for Chromium to version 131.0.6778.204 (boo#1234704) fixes:

  • CVE-2024-12692: Type Confusion in V8
  • CVE-2024-12693: Out of bounds memory access in V8
  • CVE-2024-12694: Use after free in Compositing
  • CVE-2024-12695: Out of bounds write in V8
  • Various fixes from internal audits, fuzzing and other initiatives

Список пакетов

SUSE Package Hub 15 SP5
chromedriver-131.0.6778.204-bp156.2.65.1
chromium-131.0.6778.204-bp156.2.65.1
SUSE Package Hub 15 SP6
chromedriver-131.0.6778.204-bp156.2.65.1
chromium-131.0.6778.204-bp156.2.65.1
openSUSE Leap 15.5
chromedriver-131.0.6778.204-bp156.2.65.1
chromium-131.0.6778.204-bp156.2.65.1
openSUSE Leap 15.6
chromedriver-131.0.6778.204-bp156.2.65.1
chromium-131.0.6778.204-bp156.2.65.1

Ссылки

Описание

Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Затронутые продукты
SUSE Package Hub 15 SP5:chromedriver-131.0.6778.204-bp156.2.65.1
SUSE Package Hub 15 SP5:chromium-131.0.6778.204-bp156.2.65.1
SUSE Package Hub 15 SP6:chromedriver-131.0.6778.204-bp156.2.65.1
SUSE Package Hub 15 SP6:chromium-131.0.6778.204-bp156.2.65.1
Ссылки

Описание

Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Затронутые продукты
SUSE Package Hub 15 SP5:chromedriver-131.0.6778.204-bp156.2.65.1
SUSE Package Hub 15 SP5:chromium-131.0.6778.204-bp156.2.65.1
SUSE Package Hub 15 SP6:chromedriver-131.0.6778.204-bp156.2.65.1
SUSE Package Hub 15 SP6:chromium-131.0.6778.204-bp156.2.65.1
Ссылки

Описание

Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Затронутые продукты
SUSE Package Hub 15 SP5:chromedriver-131.0.6778.204-bp156.2.65.1
SUSE Package Hub 15 SP5:chromium-131.0.6778.204-bp156.2.65.1
SUSE Package Hub 15 SP6:chromedriver-131.0.6778.204-bp156.2.65.1
SUSE Package Hub 15 SP6:chromium-131.0.6778.204-bp156.2.65.1
Ссылки

Описание

Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Затронутые продукты
SUSE Package Hub 15 SP5:chromedriver-131.0.6778.204-bp156.2.65.1
SUSE Package Hub 15 SP5:chromium-131.0.6778.204-bp156.2.65.1
SUSE Package Hub 15 SP6:chromedriver-131.0.6778.204-bp156.2.65.1
SUSE Package Hub 15 SP6:chromium-131.0.6778.204-bp156.2.65.1
Ссылки