openSUSE-SU-2024:0204-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2024:0204-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2024:0204-1
- Related
- Published
- 2024-07-18T18:10:25Z
- Modified
- 2024-07-18T18:10:25Z
- Summary
- Security update for chromium
- Details
-
This update for chromium fixes the following issues:
Chromium 126.0.6478.126 (boo#1226504, boo#1226205, boo#1226933)
- CVE-2024-6290: Use after free in Dawn
- CVE-2024-6291: Use after free in Swiftshader
- CVE-2024-6292: Use after free in Dawn
- CVE-2024-6293: Use after free in Dawn
- CVE-2024-6100: Type Confusion in V8
- CVE-2024-6101: Inappropriate implementation in WebAssembly
- CVE-2024-6102: Out of bounds memory access in Dawn
- CVE-2024-6103: Use after free in Dawn
- CVE-2024-5830: Type Confusion in V8
- CVE-2024-5831: Use after free in Dawn
- CVE-2024-5832: Use after free in Dawn
- CVE-2024-5833: Type Confusion in V8
- CVE-2024-5834: Inappropriate implementation in Dawn
- CVE-2024-5835: Heap buffer overflow in Tab Groups
- CVE-2024-5836: Inappropriate Implementation in DevTools
- CVE-2024-5837: Type Confusion in V8
- CVE-2024-5838: Type Confusion in V8
- CVE-2024-5839: Inappropriate Implementation in Memory Allocator
- CVE-2024-5840: Policy Bypass in CORS
- CVE-2024-5841: Use after free in V8
- CVE-2024-5842: Use after free in Browser UI
- CVE-2024-5843: Inappropriate implementation in Downloads
- CVE-2024-5844: Heap buffer overflow in Tab Strip
- CVE-2024-5845: Use after free in Audio
- CVE-2024-5846: Use after free in PDFium
CVE-2024-5847: Use after free in PDFium
- Amend fixbuildingwidevinecdmwithchromium.patch to allow Widevine on ARM64 (boo#1226170)
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/M5T6NMGYYELQHJOU75BSCQDFQVQRR5I7/
- https://bugzilla.suse.com/1226170
- https://bugzilla.suse.com/1226205
- https://bugzilla.suse.com/1226504
- https://bugzilla.suse.com/1226933
- https://www.suse.com/security/cve/CVE-2024-5830
- https://www.suse.com/security/cve/CVE-2024-5831
- https://www.suse.com/security/cve/CVE-2024-5832
- https://www.suse.com/security/cve/CVE-2024-5833
- https://www.suse.com/security/cve/CVE-2024-5834
- https://www.suse.com/security/cve/CVE-2024-5835
- https://www.suse.com/security/cve/CVE-2024-5836
- https://www.suse.com/security/cve/CVE-2024-5837
- https://www.suse.com/security/cve/CVE-2024-5838
- https://www.suse.com/security/cve/CVE-2024-5839
- https://www.suse.com/security/cve/CVE-2024-5840
- https://www.suse.com/security/cve/CVE-2024-5841
- https://www.suse.com/security/cve/CVE-2024-5842
- https://www.suse.com/security/cve/CVE-2024-5843
- https://www.suse.com/security/cve/CVE-2024-5844
- https://www.suse.com/security/cve/CVE-2024-5845
- https://www.suse.com/security/cve/CVE-2024-5846
- https://www.suse.com/security/cve/CVE-2024-5847
- https://www.suse.com/security/cve/CVE-2024-6100
- https://www.suse.com/security/cve/CVE-2024-6101
- https://www.suse.com/security/cve/CVE-2024-6102
- https://www.suse.com/security/cve/CVE-2024-6103
- https://www.suse.com/security/cve/CVE-2024-6290
- https://www.suse.com/security/cve/CVE-2024-6291
- https://www.suse.com/security/cve/CVE-2024-6292
- https://www.suse.com/security/cve/CVE-2024-6293
Affected packages
SUSE:Package Hub 15 SP5 / chromium
Package
- Name
- chromium
- Purl
- pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP5
SUSE:Package Hub 15 SP6 / chromium
Package
- Name
- chromium
- Purl
- pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP6
openSUSE:Leap 15.5 / chromium
Package
- Name
- chromium
- Purl
- pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.5