Advisories » MGASA-2024-0321

Updated chromium-browser-stable packages fix security vulnerabilities

Publication date: 04 Oct 2024
Modification date: 25 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-6988 , CVE-2024-6989 , CVE-2024-6990 , CVE-2024-6991 , CVE-2024-6994 , CVE-2024-6995 , CVE-2024-6996 , CVE-2024-6997 , CVE-2024-6998 , CVE-2024-6999 , CVE-2024-7000 , CVE-2024-7001 , CVE-2024-7003 , CVE-2024-7004 , CVE-2024-7005 , CVE-2024-7255 , CVE-2024-7256 , CVE-2024-7532 , CVE-2024-7533 , CVE-2024-7534 , CVE-2024-7535 , CVE-2024-7536 , CVE-2024-7550 , CVE-2024-7964 , CVE-2024-7965 , CVE-2024-7966 , CVE-2024-7967 , CVE-2024-7968 , CVE-2024-7969 , CVE-2024-7970 , CVE-2024-7971 , CVE-2024-7972 , CVE-2024-7973 , CVE-2024-7974 , CVE-2024-7975 , CVE-2024-7976 , CVE-2024-7977 , CVE-2024-7978 , CVE-2024-7979 , CVE-2024-7980 , CVE-2024-7981 , CVE-2024-7982 , CVE-2024-7983 , CVE-2024-7984 , CVE-2024-7985 , CVE-2024-8193 , CVE-2024-8194 , CVE-2024-8198 , CVE-2024-8362 , CVE-2024-8636 , CVE-2024-8637 , CVE-2024-8638 , CVE-2024-8639 , CVE-2024-8904 , CVE-2024-8905 , CVE-2024-8906 , CVE-2024-8907 , CVE-2024-8908 , CVE-2024-8909 , CVE-2024-9121 , CVE-2024-9122 , CVE-2024-9123

Description

Use after free in Downloads. (CVE-2024-6988)
Use after free in Loader. (CVE-2024-6989)
Use after free in Dawn. (CVE-2024-6991)
Heap buffer overflow in Layout. (CVE-2024-6994)
Inappropriate implementation in Fullscreen. (CVE-2024-6995)
Race in Frames. (CVE-2024-6996)
Use after free in Tabs. (CVE-2024-6997)
Use after free in User Education. (CVE-2024-6998)
Inappropriate implementation in FedCM. (CVE-2024-6999)
Use after free in CSS. (CVE-2024-7000)
Inappropriate implementation in HTML. (CVE-2024-7001)
Inappropriate implementation in FedCM. (CVE-2024-7003)
Insufficient validation of untrusted input in Safe Browsing.
(CVE-2024-7004)
Insufficient validation of untrusted input in Safe Browsing.
(CVE-2024-7005)
Uninitialized Use in Dawn. (CVE-2024-6990)
Out of bounds read in WebTransport. (CVE-2024-7255)
Insufficient data validation in Dawn. (CVE-2024-7256)
Out of bounds memory access in ANGLE. (CVE-2024-7532)
Use after free in Sharing. (CVE-2024-7533)
Type Confusion in V8. (CVE-2024-7550)
Heap buffer overflow in Layout. (CVE-2024-7534)
Inappropriate implementation in V8. (CVE-2024-7535)
Use after free in WebAudio. (CVE-2024-7536)
Use after free in Passwords. (CVE-2024-7964)
Inappropriate implementation in V8. (CVE-2024-7965)
Out of bounds memory access in Skia. (CVE-2024-7966)
Heap buffer overflow in Fonts. (CVE-2024-7967)
Use after free in Autofill. (CVE-2024-7968)
Type confusion in V8. (CVE-2024-7971)
Inappropriate implementation in V8. (CVE-2024-7972)
Heap buffer overflow in PDFium. (CVE-2024-7973)
Insufficient data validation in V8 API. (CVE-2024-7974)
Inappropriate implementation in Permissions. (CVE-2024-7975)
Inappropriate implementation in FedCM. (CVE-2024-7976)
Insufficient data validation in Installer. (CVE-2024-7977)
Insufficient policy enforcement in Data Transfer. (CVE-2024-7978)
Insufficient data validation in Installer. (CVE-2024-7979)
Insufficient data validation in Installer. (CVE-2024-7980)
Inappropriate implementation in Views. (CVE-2024-7981)
Type Confusion in V8. (CVE-2024-7969)
Heap buffer overflow in Skia. (CVE-2024-8193)
Type Confusion in V8. (CVE-2024-8194)
Heap buffer overflow in Skia. (CVE-2024-8198)
Use after free in WebAudio. (CVE-2024-8362)
Out of bounds write in V8. (CVE-2024-7970)
Heap buffer overflow in Skia. (CVE-2024-8636)
Use after free in Media Router. (CVE-2024-8637)
Type Confusion in V8. (CVE-2024-8638)
Use after free in Autofill. (CVE-2024-8639)
Type Confusion in V8. (CVE-2024-8904)
Inappropriate implementation in V8. (CVE-2024-8905)
Incorrect security UI in Downloads. (CVE-2024-8906)
Insufficient data validation in Omnibox. (CVE-2024-8907)
Inappropriate implementation in Autofill. (CVE-2024-8908)
Inappropriate implementation in UI. (CVE-2024-8909)
Inappropriate implementation in V8. (CVE-2024-9121)
Type Confusion in V8. (CVE-2024-9122)
Integer overflow in Skia. (CVE-2024-9123)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33443
• https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html
• https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html
• https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_10.html
• https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop.html
• https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html
• https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html
• https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_13.html
• https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html
• https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_30.html
• https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6988
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6989
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6990
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6991
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6994
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6995
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6996
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6997
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6998
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6999
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7000
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7001
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7003
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7004
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7005
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7255
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7256
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7532
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7533
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7534
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7535
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7536
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7550
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7964
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7965
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7966
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7967
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7968
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7969
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7970
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7971
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7972
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7973
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7974
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7975
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7976
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7977
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7978
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7979
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7980
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7981
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7982
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7983
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7984
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7985
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8193
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8194
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8198
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8362
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8636
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8637
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8638
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8639
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8904
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8905
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8906
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8907
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8908
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8909
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9121
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9122
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9123

SRPMS

9/tainted

• chromium-browser-stable-128.0.6613.137-1.mga9.tainted