Mageia Advisory: MGASA-2024-0321 - Updated chromium-browser-stable packages fix security vulnerabilities

Updated chromium-browser-stable packages fix security vulnerabilities

Publication date: 04 Oct 2024
Modification date: 04 Oct 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-6988 , CVE-2024-6989 , CVE-2024-6991 , CVE-2024-6994 , CVE-2024-6995 , CVE-2024-6996 , CVE-2024-6997 , CVE-2024-6998 , CVE-2024-6999 , CVE-2024-7000 , CVE-2024-7001 , CVE-2024-7003 , CVE-2024-7004 , CVE-2024-7005

Description

Use after free in Downloads. (CVE-2024-6988)
Use after free in Loader. (CVE-2024-6989)
Use after free in Dawn. (CVE-2024-6991)
Heap buffer overflow in Layout. (CVE-2024-6994)
Inappropriate implementation in Fullscreen. (CVE-2024-6995)
Race in Frames. (CVE-2024-6996)
Use after free in Tabs. (CVE-2024-6997)
Use after free in User Education. (CVE-2024-6998)
Inappropriate implementation in FedCM. (CVE-2024-6999)
Use after free in CSS. (CVE-2024-7000)
Inappropriate implementation in HTML. (CVE-2024-7001)
Inappropriate implementation in FedCM. (CVE-2024-7003)
Insufficient validation of untrusted input in Safe Browsing.
(CVE-2024-7004)
Insufficient validation of untrusted input in Safe Browsing.
(CVE-2024-7005)
Uninitialized Use in Dawn. (CVE-2024-6990)
Out of bounds read in WebTransport. (CVE-2024-7255)
Insufficient data validation in Dawn. (CVE-2024-7256)
Out of bounds memory access in ANGLE. (CVE-2024-7532)
Use after free in Sharing. (CVE-2024-7533)
Type Confusion in V8. (CVE-2024-7550)
Heap buffer overflow in Layout. (CVE-2024-7534)
Inappropriate implementation in V8. (CVE-2024-7535)
Use after free in WebAudio. (CVE-2024-7536)
Use after free in Passwords. (CVE-2024-7964)
Inappropriate implementation in V8. (CVE-2024-7965)
Out of bounds memory access in Skia. (CVE-2024-7966)
Heap buffer overflow in Fonts. (CVE-2024-7967)
Use after free in Autofill. (CVE-2024-7968)
Type confusion in V8. (CVE-2024-7971)
Inappropriate implementation in V8. (CVE-2024-7972)
Heap buffer overflow in PDFium. (CVE-2024-7973)
Insufficient data validation in V8 API. (CVE-2024-7974)
Inappropriate implementation in Permissions. (CVE-2024-7975)
Inappropriate implementation in FedCM. (CVE-2024-7976)
Insufficient data validation in Installer. (CVE-2024-7977)
Insufficient policy enforcement in Data Transfer. (CVE-2024-7978)
Insufficient data validation in Installer. (CVE-2024-7979)
Insufficient data validation in Installer. (CVE-2024-7980)
Inappropriate implementation in Views. (CVE-2024-7981)
Inappropriate implementation in WebApp Installs. (CVE-2024-8033)
Inappropriate implementation in Custom Tabs. (CVE-2024-8034)
Inappropriate implementation in Extensions. (CVE-2024-8035)
Type Confusion in V8. (CVE-2024-7969)
Heap buffer overflow in Skia. (CVE-2024-8193)
Type Confusion in V8. (CVE-2024-8194)
Heap buffer overflow in Skia. (CVE-2024-8198)
Use after free in WebAudio. (CVE-2024-8362)
Out of bounds write in V8. (CVE-2024-7970)
Heap buffer overflow in Skia. (CVE-2024-8636)
Use after free in Media Router. (CVE-2024-8637)
Type Confusion in V8. (CVE-2024-8638)
Use after free in Autofill. (CVE-2024-8639)
Type Confusion in V8. (CVE-2024-8904)
Inappropriate implementation in V8. (CVE-2024-8905)
Incorrect security UI in Downloads. (CVE-2024-8906)
Insufficient data validation in Omnibox. (CVE-2024-8907)
Inappropriate implementation in Autofill. (CVE-2024-8908)
Inappropriate implementation in UI. (CVE-2024-8909)
Inappropriate implementation in V8. (CVE-2024-9121)
Type Confusion in V8. (CVE-2024-9122)
Integer overflow in Skia. (CVE-2024-9123)

References

SRPMS

9/tainted

chromium-browser-stable-128.0.6613.137-1.mga9.tainted

Advisories » MGASA-2024-0321

Updated chromium-browser-stable packages fix security vulnerabilities

Description

References

SRPMS

9/tainted