ID de Prueba:	1.3.6.1.4.1.25623.1.0.856143
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (openSUSE-SU-2024:0123-1)
Resumen:	The remote host is missing an update for the 'chromium' package(s) announced via the openSUSE-SU-2024:0123-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'chromium' package(s) announced via the openSUSE-SU-2024:0123-1 advisory. Vulnerability Insight: This update for chromium fixes the following issues: - Chromium 124.0.6367.201 * CVE-2024-4671: Use after free in Visuals - Chromium 124.0.6367.155 (boo#1224045) * CVE-2024-4558: Use after free in ANGLE * CVE-2024-4559: Heap buffer overflow in WebAudio - Chromium 124.0.6367.118 (boo#1223846) * CVE-2024-4331: Use after free in Picture In Picture * CVE-2024-4368: Use after free in Dawn - Chromium 124.0.6367.78 (boo#1223845) * CVE-2024-4058: Type Confusion in ANGLE * CVE-2024-4059: Out of bounds read in V8 API * CVE-2024-4060: Use after free in Dawn - Chromium 124.0.6367.60 (boo#1222958) * CVE-2024-3832: Object corruption in V8. * CVE-2024-3833: Object corruption in WebAssembly. * CVE-2024-3834: Use after free in Downloads. Reported by ChaobinZhang * CVE-2024-3837: Use after free in QUIC. * CVE-2024-3838: Inappropriate implementation in Autofill. * CVE-2024-3839: Out of bounds read in Fonts. * CVE-2024-3840: Insufficient policy enforcement in Site Isolation. * CVE-2024-3841: Insufficient data validation in Browser Switcher. * CVE-2024-3843: Insufficient data validation in Downloads. * CVE-2024-3844: Inappropriate implementation in Extensions. * CVE-2024-3845: Inappropriate implementation in Network. * CVE-2024-3846: Inappropriate implementation in Prompts. * CVE-2024-3847: Insufficient policy enforcement in WebUI. - Chromium 123.0.6312.122 (boo#1222707) * CVE-2024-3157: Out of bounds write in Compositing * CVE-2024-3516: Heap buffer overflow in ANGLE * CVE-2024-3515: Use after free in Dawn - Chromium 123.0.6312.105 (boo#1222260) * CVE-2024-3156: Inappropriate implementation in V8 * CVE-2024-3158: Use after free in Bookmarks * CVE-2024-3159: Out of bounds memory access in V8 - Chromium 123.0.6312.86 (boo#1222035) * CVE-2024-2883: Use after free in ANGLE * CVE-2024-2885: Use after free in Dawn * CVE-2024-2886: Use after free in WebCodecs * CVE-2024-2887: Type Confusion in WebAssembly - Chromium 123.0.6312.58 (boo#1221732) * CVE-2024-2625: Object lifecycle issue in V8 * CVE-2024-2626: Out of bounds read in Swiftshader * CVE-2024-2627: Use after free in Canvas * CVE-2024-2628: Inappropriate implementation in Downloads Affected Software/OS: 'chromium' package(s) on openSUSE Leap 15.5. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-2625 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22/ https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html https://issues.chromium.org/issues/327740539 Common Vulnerability Exposure (CVE) ID: CVE-2024-2626 https://issues.chromium.org/issues/40945098 Common Vulnerability Exposure (CVE) ID: CVE-2024-2627 https://issues.chromium.org/issues/41493290 Common Vulnerability Exposure (CVE) ID: CVE-2024-2628 https://issues.chromium.org/issues/41487774 Common Vulnerability Exposure (CVE) ID: CVE-2024-2883 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3RKI7VTQSIAI3PVZGRCHOSELTQXQ5FQ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IQMRHKDEG4J7TMRRRGUGW6GS4MVBX5IT/ https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html https://issues.chromium.org/issues/327807820 Common Vulnerability Exposure (CVE) ID: CVE-2024-2885 https://issues.chromium.org/issues/328958020 Common Vulnerability Exposure (CVE) ID: CVE-2024-2886 https://issues.chromium.org/issues/330575496 Common Vulnerability Exposure (CVE) ID: CVE-2024-2887 https://issues.chromium.org/issues/330588502 Common Vulnerability Exposure (CVE) ID: CVE-2024-3156 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP/ https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/329130358 Common Vulnerability Exposure (CVE) ID: CVE-2024-3157 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDHNEFD76ORM7WBWAEZT6HSYDMZVIED4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EW66LXDACTB5FCHLUPZOGD2KA2J62Q2/ https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_10.html https://issues.chromium.org/issues/331237485 Common Vulnerability Exposure (CVE) ID: CVE-2024-3158 https://issues.chromium.org/issues/329965696 Common Vulnerability Exposure (CVE) ID: CVE-2024-3159 https://issues.chromium.org/issues/330760873 Common Vulnerability Exposure (CVE) ID: CVE-2024-3515 https://issues.chromium.org/issues/331123811 Common Vulnerability Exposure (CVE) ID: CVE-2024-3516 https://issues.chromium.org/issues/328859176 Common Vulnerability Exposure (CVE) ID: CVE-2024-3832 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/ https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html https://issues.chromium.org/issues/331358160 Common Vulnerability Exposure (CVE) ID: CVE-2024-3833 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/ https://issues.chromium.org/issues/331383939 Common Vulnerability Exposure (CVE) ID: CVE-2024-3834 https://issues.chromium.org/issues/326607008 Common Vulnerability Exposure (CVE) ID: CVE-2024-3837 https://issues.chromium.org/issues/41491379 Common Vulnerability Exposure (CVE) ID: CVE-2024-3838 https://issues.chromium.org/issues/328278717 Common Vulnerability Exposure (CVE) ID: CVE-2024-3839 https://issues.chromium.org/issues/41491859 Common Vulnerability Exposure (CVE) ID: CVE-2024-3840 https://issues.chromium.org/issues/41493458 Common Vulnerability Exposure (CVE) ID: CVE-2024-3841 https://issues.chromium.org/issues/330376742 Common Vulnerability Exposure (CVE) ID: CVE-2024-3843 https://issues.chromium.org/issues/41486690 Common Vulnerability Exposure (CVE) ID: CVE-2024-3844 https://issues.chromium.org/issues/40058873 Common Vulnerability Exposure (CVE) ID: CVE-2024-3845 https://issues.chromium.org/issues/323583084 Common Vulnerability Exposure (CVE) ID: CVE-2024-3846 https://issues.chromium.org/issues/40064754 Common Vulnerability Exposure (CVE) ID: CVE-2024-3847 https://issues.chromium.org/issues/328690293 Common Vulnerability Exposure (CVE) ID: CVE-2024-4058 https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html https://issues.chromium.org/issues/332546345 Common Vulnerability Exposure (CVE) ID: CVE-2024-4059 https://issues.chromium.org/issues/333182464 Common Vulnerability Exposure (CVE) ID: CVE-2024-4060 https://issues.chromium.org/issues/333420620 Common Vulnerability Exposure (CVE) ID: CVE-2024-4331 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7I4FMQSOVTCIIH4XT2MJGEQRUACLPB6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/ https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_30.html https://issues.chromium.org/issues/335003891 Common Vulnerability Exposure (CVE) ID: CVE-2024-4368 https://issues.chromium.org/issues/333508731 Common Vulnerability Exposure (CVE) ID: CVE-2024-4558 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FAWEKDQTHPN7NFEMLIWP7YMIZ2DHF36N/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BWFSZNNWSQYDRYKNLBDGEXXKMBXDYQ3F/ https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html https://issues.chromium.org/issues/337766133 Common Vulnerability Exposure (CVE) ID: CVE-2024-4559 https://issues.chromium.org/issues/331369797 Common Vulnerability Exposure (CVE) ID: CVE-2024-4671 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/ https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html https://issues.chromium.org/issues/339266700
Copyright	Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.