Описание
Security update for chromium
This update for chromium fixes the following issues:
Changes in chromium:
- Chromium 145.0.7632.159 (boo#1259213)
- CVE-2026-3536: Integer overflow in ANGLE
- CVE-2026-3537: Object lifecycle issue in PowerVR
- CVE-2026-3538: Integer overflow in Skia
- CVE-2026-3539: Object lifecycle issue in DevTools
- CVE-2026-3540: Inappropriate implementation in WebAudio
- CVE-2026-3541: Inappropriate implementation in CSS
- CVE-2026-3542: Inappropriate implementation in WebAssembly
- CVE-2026-3543: Inappropriate implementation in V8
- CVE-2026-3544: Heap buffer overflow in WebCodecs
- CVE-2026-3545: Insufficient data validation in Navigation
Список пакетов
openSUSE Leap 16.0
Ссылки
- SUSE Security Ratings
- SUSE Bug 1259213
- SUSE CVE CVE-2026-3536 page
- SUSE CVE CVE-2026-3537 page
- SUSE CVE CVE-2026-3538 page
- SUSE CVE CVE-2026-3539 page
- SUSE CVE CVE-2026-3540 page
- SUSE CVE CVE-2026-3541 page
- SUSE CVE CVE-2026-3542 page
- SUSE CVE CVE-2026-3543 page
- SUSE CVE CVE-2026-3544 page
- SUSE CVE CVE-2026-3545 page
Описание
Integer overflow in ANGLE in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)
Затронутые продукты
Ссылки
- CVE-2026-3536
- SUSE Bug 1259213
Описание
Object lifecycle issue in PowerVR in Google Chrome on Android prior to 145.0.7632.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
Затронутые продукты
Ссылки
- CVE-2026-3537
- SUSE Bug 1259213
Описание
Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)
Затронутые продукты
Ссылки
- CVE-2026-3538
- SUSE Bug 1259213
Описание
Object lifecycle issue in DevTools in Google Chrome prior to 145.0.7632.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2026-3539
- SUSE Bug 1259213
Описание
Inappropriate implementation in WebAudio in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2026-3540
- SUSE Bug 1259213
Описание
Inappropriate implementation in CSS in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2026-3541
- SUSE Bug 1259213
Описание
Inappropriate implementation in WebAssembly in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2026-3542
- SUSE Bug 1259213
Описание
Inappropriate implementation in V8 in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2026-3543
- SUSE Bug 1259213
Описание
Heap buffer overflow in WebCodecs in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2026-3544
- SUSE Bug 1259213
Описание
Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2026-3545
- SUSE Bug 1259213