openSUSE-SU-2024:0020-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2024:0020-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2024:0020-1
Related
Published
2024-01-16T07:30:42Z
Modified
2024-01-16T07:30:42Z
Summary
Security update for chromium
Details

This update for chromium fixes the following issues:

  • Chromium 120.0.6099.216 (boo#1217839, boo#1218048, boo#1218302, boo#1218533, boo#1218719)

    • CVE-2024-0333: Insufficient data validation in Extensions
    • CVE-2024-0222: Use after free in ANGLE
    • CVE-2024-0223: Heap buffer overflow in ANGLE
    • CVE-2024-0224: Use after free in WebAudio
    • CVE-2024-0225: Use after free in WebGPU
    • CVE-2023-7024: Heap buffer overflow in WebRTC
    • CVE-2023-6702: Type Confusion in V8
    • CVE-2023-6703: Use after free in Blink
    • CVE-2023-6704: Use after free in libavif (boo#1218303)
    • CVE-2023-6705: Use after free in WebRTC
    • CVE-2023-6706: Use after free in FedCM
    • CVE-2023-6707: Use after free in CSS
    • CVE-2023-6508: Use after free in Media Stream
    • CVE-2023-6509: Use after free in Side Panel Search
    • CVE-2023-6510: Use after free in Media Capture
    • CVE-2023-6511: Inappropriate implementation in Autofill
    • CVE-2023-6512: Inappropriate implementation in Web Browser UI
References

Affected packages

SUSE:Package Hub 15 SP5 / chromium

Package

Name
chromium
Purl
purl:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
120.0.6099.216-bp155.2.64.1

Ecosystem specific

{
    "binaries": [
        {
            "chromedriver": "120.0.6099.216-bp155.2.64.1",
            "chromium": "120.0.6099.216-bp155.2.64.1"
        }
    ]
}

openSUSE:Leap 15.5 / chromium

Package

Name
chromium
Purl
purl:rpm/suse/chromium&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
120.0.6099.216-bp155.2.64.1

Ecosystem specific

{
    "binaries": [
        {
            "chromedriver": "120.0.6099.216-bp155.2.64.1",
            "chromium": "120.0.6099.216-bp155.2.64.1"
        }
    ]
}