USN-5881-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-5881-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-5881-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-5881-1
Related
Published
2023-02-21T15:53:57.674629Z
Modified
2023-02-21T15:53:57.674629Z
Summary
chromium-browser vulnerabilities
Details

It was discovered that Chromium did not properly manage memory. A remote attacker could possibly use these issues to cause a denial of service or execute arbitrary code via a crafted HTML page. (CVE-2023-0471, CVE-2023-0472, CVE-2023-0473, CVE-2023-0696, CVE-2023-0698, CVE-2023-0699, CVE-2023-0702, CVE-2023-0705)

It was discovered that Chromium did not properly manage memory. A remote attacker who convinced a user to install a malicious extension could possibly use this issue to corrupt memory via a Chrome web app. (CVE-2023-0474)

It was discovered that Chromium contained an inappropriate implementation in the Download component. A remote attacker could possibly use this issue to spoof contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2023-0700)

It was discovered that Chromium did not properly manage memory. A remote attacker who convinced a user to engage in specific UI interactions could possibly use these issues to cause a denial of service or execute arbitrary code. (CVE-2023-0701, CVE-2023-0703)

It was discovered that Chromium insufficiently enforced policies. A remote attacker could possibly use this issue to bypass same origin policy and proxy settings via a crafted HTML page. (CVE-2023-0704)

References

Affected packages

Ubuntu:18.04:LTS / chromium-browser

Package

Name
chromium-browser

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
110.0.5481.100-0ubuntu0.18.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "chromium-chromedriver": "110.0.5481.100-0ubuntu0.18.04.1",
            "chromium-codecs-ffmpeg": "110.0.5481.100-0ubuntu0.18.04.1",
            "chromium-browser": "110.0.5481.100-0ubuntu0.18.04.1",
            "chromium-codecs-ffmpeg-extra": "110.0.5481.100-0ubuntu0.18.04.1",
            "chromium-browser-l10n": "110.0.5481.100-0ubuntu0.18.04.1"
        }
    ]
}