openSUSE-SU-2024:0020-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2024:0020-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2024:0020-1
- Related
- Published
- 2024-01-16T07:30:42Z
- Modified
- 2024-01-16T07:30:42Z
- Summary
- Security update for chromium
- Details
-
This update for chromium fixes the following issues:
Chromium 120.0.6099.216 (boo#1217839, boo#1218048, boo#1218302, boo#1218533, boo#1218719)
- CVE-2024-0333: Insufficient data validation in Extensions
- CVE-2024-0222: Use after free in ANGLE
- CVE-2024-0223: Heap buffer overflow in ANGLE
- CVE-2024-0224: Use after free in WebAudio
- CVE-2024-0225: Use after free in WebGPU
- CVE-2023-7024: Heap buffer overflow in WebRTC
- CVE-2023-6702: Type Confusion in V8
- CVE-2023-6703: Use after free in Blink
- CVE-2023-6704: Use after free in libavif (boo#1218303)
- CVE-2023-6705: Use after free in WebRTC
- CVE-2023-6706: Use after free in FedCM
- CVE-2023-6707: Use after free in CSS
- CVE-2023-6508: Use after free in Media Stream
- CVE-2023-6509: Use after free in Side Panel Search
- CVE-2023-6510: Use after free in Media Capture
- CVE-2023-6511: Inappropriate implementation in Autofill
- CVE-2023-6512: Inappropriate implementation in Web Browser UI
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2KWUFI7NWEEY53YIAANSM3OSYVP7LTDM/
- https://bugzilla.suse.com/1217839
- https://bugzilla.suse.com/1218048
- https://bugzilla.suse.com/1218302
- https://bugzilla.suse.com/1218303
- https://bugzilla.suse.com/1218533
- https://bugzilla.suse.com/1218719
- https://www.suse.com/security/cve/CVE-2023-6508
- https://www.suse.com/security/cve/CVE-2023-6509
- https://www.suse.com/security/cve/CVE-2023-6510
- https://www.suse.com/security/cve/CVE-2023-6511
- https://www.suse.com/security/cve/CVE-2023-6512
- https://www.suse.com/security/cve/CVE-2023-6702
- https://www.suse.com/security/cve/CVE-2023-6703
- https://www.suse.com/security/cve/CVE-2023-6704
- https://www.suse.com/security/cve/CVE-2023-6705
- https://www.suse.com/security/cve/CVE-2023-6706
- https://www.suse.com/security/cve/CVE-2023-6707
- https://www.suse.com/security/cve/CVE-2023-7024
- https://www.suse.com/security/cve/CVE-2024-0222
- https://www.suse.com/security/cve/CVE-2024-0223
- https://www.suse.com/security/cve/CVE-2024-0224
- https://www.suse.com/security/cve/CVE-2024-0225
- https://www.suse.com/security/cve/CVE-2024-0333
Affected packages
SUSE:Package Hub 15 SP5 / chromium
Package
- Name
- chromium
- Purl
- pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP5