Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2022-0376)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.10.2022.0376

Kategorie: Mageia Linux Local Security Checks

Titel: Mageia: Security Advisory (MGASA-2022-0376)

Zusammenfassung: The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2022-0376 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2022-0376 advisory.

Vulnerability Insight:
The chromium-browser-stable package has been updated to the new 106 branch
with the 106.0.5249.119 version, fixing many bugs and 6 vulnerabilities.
Some of the security fixes are:

High CVE-2022-3445: Use after free in Skia. Reported by Nan Wang
(@eternalsakura13) and Yong Liu of 360 Vulnerability Research Institute on
2022-09-16
High CVE-2022-3446: Heap buffer overflow in WebSQL. Reported by Kaijie Xu
(@kaijieguigui) on 2022-09-26
High CVE-2022-3447: Inappropriate implementation in Custom Tabs. Reported
by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) on 2022-09-22
High CVE-2022-3448: Use after free in Permissions API. Reported by raven
at KunLun lab on 2022-09-13
High CVE-2022-3449: Use after free in Safe Browsing. Reported by asnine on
2022-09-17
High CVE-2022-3450: Use after free in Peer Connection. Reported by
Anonymous on 2022-09-30

Affected Software/OS:
'chromium-browser-stable' package(s) on Mageia 8.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2022-3445
https://security.gentoo.org/glsa/202305-10
https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_11.html
https://crbug.com/1364604
Common Vulnerability Exposure (CVE) ID: CVE-2022-3446
https://crbug.com/1368076
Common Vulnerability Exposure (CVE) ID: CVE-2022-3447
https://crbug.com/1366582
Common Vulnerability Exposure (CVE) ID: CVE-2022-3448
https://crbug.com/1363040
Common Vulnerability Exposure (CVE) ID: CVE-2022-3449
https://crbug.com/1364662
Common Vulnerability Exposure (CVE) ID: CVE-2022-3450
https://crbug.com/1369882

Copyright Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2022.0376
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2022-0376)
Zusammenfassung:	The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2022-0376 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2022-0376 advisory. Vulnerability Insight: The chromium-browser-stable package has been updated to the new 106 branch with the 106.0.5249.119 version, fixing many bugs and 6 vulnerabilities. Some of the security fixes are: High CVE-2022-3445: Use after free in Skia. Reported by Nan Wang (@eternalsakura13) and Yong Liu of 360 Vulnerability Research Institute on 2022-09-16 High CVE-2022-3446: Heap buffer overflow in WebSQL. Reported by Kaijie Xu (@kaijieguigui) on 2022-09-26 High CVE-2022-3447: Inappropriate implementation in Custom Tabs. Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) on 2022-09-22 High CVE-2022-3448: Use after free in Permissions API. Reported by raven at KunLun lab on 2022-09-13 High CVE-2022-3449: Use after free in Safe Browsing. Reported by asnine on 2022-09-17 High CVE-2022-3450: Use after free in Peer Connection. Reported by Anonymous on 2022-09-30 Affected Software/OS: 'chromium-browser-stable' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2022-3445 https://security.gentoo.org/glsa/202305-10 https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_11.html https://crbug.com/1364604 Common Vulnerability Exposure (CVE) ID: CVE-2022-3446 https://crbug.com/1368076 Common Vulnerability Exposure (CVE) ID: CVE-2022-3447 https://crbug.com/1366582 Common Vulnerability Exposure (CVE) ID: CVE-2022-3448 https://crbug.com/1363040 Common Vulnerability Exposure (CVE) ID: CVE-2022-3449 https://crbug.com/1364662 Common Vulnerability Exposure (CVE) ID: CVE-2022-3450 https://crbug.com/1369882
Copyright	Copyright (C) 2022 Greenbone AG