Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2024-0205)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.10.2024.0205

Kategorie: Mageia Linux Local Security Checks

Titel: Mageia: Security Advisory (MGASA-2024-0205)

Zusammenfassung: The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2024-0205 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2024-0205 advisory.

Vulnerability Insight:
The chromium-browser-stable package has been updated to the
125.0.6422.141 release. It includes 11 security fixes.
Some of them are:
* High CVE-2024-5493: Heap buffer overflow in WebRTC. Reported by
Cassidy Kim(@cassidy6564) on 2024-05-11
* High CVE-2024-5494: Use after free in Dawn. Reported by wgslfuzz on
2024-05-01
* High CVE-2024-5495: Use after free in Dawn. Reported by wgslfuzz on
2024-05-01
* High CVE-2024-5496: Use after free in Media Session. Reported by
Cassidy Kim(@cassidy6564) on 2024-05-06
* High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs.
Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab on
2024-05-07
* High CVE-2024-5498: Use after free in Presentation API. Reported by
anymous on 2024-05-09
* High CVE-2024-5499: Out of bounds write in Streams API. Reported by
anonymous on 2024-05-11
Please, do note, only x86_64 is supported since some versions ago.
i586 support for linux was stopped some years ago and the community is
not able to provide patches anymore for the latest Chromium code.

Affected Software/OS:
'chromium-browser-stable' package(s) on Mageia 9.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2024-5493
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html
https://issues.chromium.org/issues/339877165
Common Vulnerability Exposure (CVE) ID: CVE-2024-5494
https://issues.chromium.org/issues/338071106
Common Vulnerability Exposure (CVE) ID: CVE-2024-5495
https://issues.chromium.org/issues/338103465
Common Vulnerability Exposure (CVE) ID: CVE-2024-5496
https://issues.chromium.org/issues/338929744
Common Vulnerability Exposure (CVE) ID: CVE-2024-5497
https://issues.chromium.org/issues/339061099
Common Vulnerability Exposure (CVE) ID: CVE-2024-5498
https://issues.chromium.org/issues/339588211
Common Vulnerability Exposure (CVE) ID: CVE-2024-5499
https://issues.chromium.org/issues/339877167

Copyright Copyright (C) 2024 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2024.0205
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2024-0205)
Zusammenfassung:	The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2024-0205 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2024-0205 advisory. Vulnerability Insight: The chromium-browser-stable package has been updated to the 125.0.6422.141 release. It includes 11 security fixes. Some of them are: * High CVE-2024-5493: Heap buffer overflow in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2024-05-11 * High CVE-2024-5494: Use after free in Dawn. Reported by wgslfuzz on 2024-05-01 * High CVE-2024-5495: Use after free in Dawn. Reported by wgslfuzz on 2024-05-01 * High CVE-2024-5496: Use after free in Media Session. Reported by Cassidy Kim(@cassidy6564) on 2024-05-06 * High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab on 2024-05-07 * High CVE-2024-5498: Use after free in Presentation API. Reported by anymous on 2024-05-09 * High CVE-2024-5499: Out of bounds write in Streams API. Reported by anonymous on 2024-05-11 Please, do note, only x86_64 is supported since some versions ago. i586 support for linux was stopped some years ago and the community is not able to provide patches anymore for the latest Chromium code. Affected Software/OS: 'chromium-browser-stable' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2024-5493 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/ https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html https://issues.chromium.org/issues/339877165 Common Vulnerability Exposure (CVE) ID: CVE-2024-5494 https://issues.chromium.org/issues/338071106 Common Vulnerability Exposure (CVE) ID: CVE-2024-5495 https://issues.chromium.org/issues/338103465 Common Vulnerability Exposure (CVE) ID: CVE-2024-5496 https://issues.chromium.org/issues/338929744 Common Vulnerability Exposure (CVE) ID: CVE-2024-5497 https://issues.chromium.org/issues/339061099 Common Vulnerability Exposure (CVE) ID: CVE-2024-5498 https://issues.chromium.org/issues/339588211 Common Vulnerability Exposure (CVE) ID: CVE-2024-5499 https://issues.chromium.org/issues/339877167
Copyright	Copyright (C) 2024 Greenbone AG