Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2022-0376)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2022.0376

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2022-0376)

Resumen: The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2022-0376 advisory.

Descripción: Summary:
The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2022-0376 advisory.

Vulnerability Insight:
The chromium-browser-stable package has been updated to the new 106 branch
with the 106.0.5249.119 version, fixing many bugs and 6 vulnerabilities.
Some of the security fixes are:

High CVE-2022-3445: Use after free in Skia. Reported by Nan Wang
(@eternalsakura13) and Yong Liu of 360 Vulnerability Research Institute on
2022-09-16
High CVE-2022-3446: Heap buffer overflow in WebSQL. Reported by Kaijie Xu
(@kaijieguigui) on 2022-09-26
High CVE-2022-3447: Inappropriate implementation in Custom Tabs. Reported
by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) on 2022-09-22
High CVE-2022-3448: Use after free in Permissions API. Reported by raven
at KunLun lab on 2022-09-13
High CVE-2022-3449: Use after free in Safe Browsing. Reported by asnine on
2022-09-17
High CVE-2022-3450: Use after free in Peer Connection. Reported by
Anonymous on 2022-09-30

Affected Software/OS:
'chromium-browser-stable' package(s) on Mageia 8.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2022-3445
https://security.gentoo.org/glsa/202305-10
https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_11.html
https://crbug.com/1364604
Common Vulnerability Exposure (CVE) ID: CVE-2022-3446
https://crbug.com/1368076
Common Vulnerability Exposure (CVE) ID: CVE-2022-3447
https://crbug.com/1366582
Common Vulnerability Exposure (CVE) ID: CVE-2022-3448
https://crbug.com/1363040
Common Vulnerability Exposure (CVE) ID: CVE-2022-3449
https://crbug.com/1364662
Common Vulnerability Exposure (CVE) ID: CVE-2022-3450
https://crbug.com/1369882

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2022.0376
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2022-0376)
Resumen:	The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2022-0376 advisory.
Descripción:	Summary: The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2022-0376 advisory. Vulnerability Insight: The chromium-browser-stable package has been updated to the new 106 branch with the 106.0.5249.119 version, fixing many bugs and 6 vulnerabilities. Some of the security fixes are: High CVE-2022-3445: Use after free in Skia. Reported by Nan Wang (@eternalsakura13) and Yong Liu of 360 Vulnerability Research Institute on 2022-09-16 High CVE-2022-3446: Heap buffer overflow in WebSQL. Reported by Kaijie Xu (@kaijieguigui) on 2022-09-26 High CVE-2022-3447: Inappropriate implementation in Custom Tabs. Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) on 2022-09-22 High CVE-2022-3448: Use after free in Permissions API. Reported by raven at KunLun lab on 2022-09-13 High CVE-2022-3449: Use after free in Safe Browsing. Reported by asnine on 2022-09-17 High CVE-2022-3450: Use after free in Peer Connection. Reported by Anonymous on 2022-09-30 Affected Software/OS: 'chromium-browser-stable' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-3445 https://security.gentoo.org/glsa/202305-10 https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_11.html https://crbug.com/1364604 Common Vulnerability Exposure (CVE) ID: CVE-2022-3446 https://crbug.com/1368076 Common Vulnerability Exposure (CVE) ID: CVE-2022-3447 https://crbug.com/1366582 Common Vulnerability Exposure (CVE) ID: CVE-2022-3448 https://crbug.com/1363040 Common Vulnerability Exposure (CVE) ID: CVE-2022-3449 https://crbug.com/1364662 Common Vulnerability Exposure (CVE) ID: CVE-2022-3450 https://crbug.com/1369882
Copyright	Copyright (C) 2022 Greenbone AG