openSUSE-SU-2025:0070-1

Опубликовано: 21 фев. 2025

Источник: suse-cvrf

Описание

Security update for chromium

This update for chromium fixes the following issues:

Chromium 133.0.6943.126 (boo#1237343)

CVE-2025-0999: Heap buffer overflow in V8
CVE-2025-1426: Heap buffer overflow in GPU
CVE-2025-1006: Use after free in Network

Список пакетов

SUSE Package Hub 15 SP6

chromedriver-133.0.6943.126-bp156.2.84.1

chromium-133.0.6943.126-bp156.2.84.1

openSUSE Leap 15.6

chromedriver-133.0.6943.126-bp156.2.84.1

chromium-133.0.6943.126-bp156.2.84.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/B4UZCUYJACVVPJ7WZPPWNH65P5ORPD7P/
E-Mail link for openSUSE-SU-2025:0070-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1237071
SUSE Bug 1237071
https://bugzilla.suse.com/1237343
SUSE Bug 1237343
https://www.suse.com/security/cve/CVE-2025-0999/
SUSE CVE CVE-2025-0999 page
https://www.suse.com/security/cve/CVE-2025-1006/
SUSE CVE CVE-2025-1006 page
https://www.suse.com/security/cve/CVE-2025-1426/
SUSE CVE CVE-2025-1426 page

Описание

Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Затронутые продукты

SUSE Package Hub 15 SP6:chromedriver-133.0.6943.126-bp156.2.84.1

SUSE Package Hub 15 SP6:chromium-133.0.6943.126-bp156.2.84.1

openSUSE Leap 15.6:chromedriver-133.0.6943.126-bp156.2.84.1

openSUSE Leap 15.6:chromium-133.0.6943.126-bp156.2.84.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-0999.html
CVE-2025-0999
https://bugzilla.suse.com/1237343
SUSE Bug 1237343

Описание

Use after free in Network in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted web app. (Chromium security severity: Medium)

Затронутые продукты

SUSE Package Hub 15 SP6:chromedriver-133.0.6943.126-bp156.2.84.1

SUSE Package Hub 15 SP6:chromium-133.0.6943.126-bp156.2.84.1

openSUSE Leap 15.6:chromedriver-133.0.6943.126-bp156.2.84.1

openSUSE Leap 15.6:chromium-133.0.6943.126-bp156.2.84.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-1006.html
CVE-2025-1006
https://bugzilla.suse.com/1237343
SUSE Bug 1237343

Описание

Heap buffer overflow in GPU in Google Chrome on Android prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Затронутые продукты

SUSE Package Hub 15 SP6:chromedriver-133.0.6943.126-bp156.2.84.1

SUSE Package Hub 15 SP6:chromium-133.0.6943.126-bp156.2.84.1

openSUSE Leap 15.6:chromedriver-133.0.6943.126-bp156.2.84.1

openSUSE Leap 15.6:chromium-133.0.6943.126-bp156.2.84.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-1426.html
CVE-2025-1426
https://bugzilla.suse.com/1237343
SUSE Bug 1237343

openSUSE-SU-2025:0070-1

Описание

Список пакетов

SUSE Package Hub 15 SP6

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2025-0999

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2025-1006

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2025-1426

Описание

Затронутые продукты

Ссылки