Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2024-0205)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2024.0205

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2024-0205)

Resumen: The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2024-0205 advisory.

Descripción: Summary:
The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2024-0205 advisory.

Vulnerability Insight:
The chromium-browser-stable package has been updated to the
125.0.6422.141 release. It includes 11 security fixes.
Some of them are:
* High CVE-2024-5493: Heap buffer overflow in WebRTC. Reported by
Cassidy Kim(@cassidy6564) on 2024-05-11
* High CVE-2024-5494: Use after free in Dawn. Reported by wgslfuzz on
2024-05-01
* High CVE-2024-5495: Use after free in Dawn. Reported by wgslfuzz on
2024-05-01
* High CVE-2024-5496: Use after free in Media Session. Reported by
Cassidy Kim(@cassidy6564) on 2024-05-06
* High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs.
Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab on
2024-05-07
* High CVE-2024-5498: Use after free in Presentation API. Reported by
anymous on 2024-05-09
* High CVE-2024-5499: Out of bounds write in Streams API. Reported by
anonymous on 2024-05-11
Please, do note, only x86_64 is supported since some versions ago.
i586 support for linux was stopped some years ago and the community is
not able to provide patches anymore for the latest Chromium code.

Affected Software/OS:
'chromium-browser-stable' package(s) on Mageia 9.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2024-5493
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html
https://issues.chromium.org/issues/339877165
Common Vulnerability Exposure (CVE) ID: CVE-2024-5494
https://issues.chromium.org/issues/338071106
Common Vulnerability Exposure (CVE) ID: CVE-2024-5495
https://issues.chromium.org/issues/338103465
Common Vulnerability Exposure (CVE) ID: CVE-2024-5496
https://issues.chromium.org/issues/338929744
Common Vulnerability Exposure (CVE) ID: CVE-2024-5497
https://issues.chromium.org/issues/339061099
Common Vulnerability Exposure (CVE) ID: CVE-2024-5498
https://issues.chromium.org/issues/339588211
Common Vulnerability Exposure (CVE) ID: CVE-2024-5499
https://issues.chromium.org/issues/339877167

Copyright Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2024.0205
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2024-0205)
Resumen:	The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2024-0205 advisory.
Descripción:	Summary: The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2024-0205 advisory. Vulnerability Insight: The chromium-browser-stable package has been updated to the 125.0.6422.141 release. It includes 11 security fixes. Some of them are: * High CVE-2024-5493: Heap buffer overflow in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2024-05-11 * High CVE-2024-5494: Use after free in Dawn. Reported by wgslfuzz on 2024-05-01 * High CVE-2024-5495: Use after free in Dawn. Reported by wgslfuzz on 2024-05-01 * High CVE-2024-5496: Use after free in Media Session. Reported by Cassidy Kim(@cassidy6564) on 2024-05-06 * High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab on 2024-05-07 * High CVE-2024-5498: Use after free in Presentation API. Reported by anymous on 2024-05-09 * High CVE-2024-5499: Out of bounds write in Streams API. Reported by anonymous on 2024-05-11 Please, do note, only x86_64 is supported since some versions ago. i586 support for linux was stopped some years ago and the community is not able to provide patches anymore for the latest Chromium code. Affected Software/OS: 'chromium-browser-stable' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-5493 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/ https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html https://issues.chromium.org/issues/339877165 Common Vulnerability Exposure (CVE) ID: CVE-2024-5494 https://issues.chromium.org/issues/338071106 Common Vulnerability Exposure (CVE) ID: CVE-2024-5495 https://issues.chromium.org/issues/338103465 Common Vulnerability Exposure (CVE) ID: CVE-2024-5496 https://issues.chromium.org/issues/338929744 Common Vulnerability Exposure (CVE) ID: CVE-2024-5497 https://issues.chromium.org/issues/339061099 Common Vulnerability Exposure (CVE) ID: CVE-2024-5498 https://issues.chromium.org/issues/339588211 Common Vulnerability Exposure (CVE) ID: CVE-2024-5499 https://issues.chromium.org/issues/339877167
Copyright	Copyright (C) 2024 Greenbone AG