Test ID:	1.3.6.1.4.1.25623.1.1.10.2022.0130
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2022-0130)
Summary:	The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2022-0130 advisory.
Description:	Summary: The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2022-0130 advisory. Vulnerability Insight: Use after free in Portals. (CVE-2022-1125) Use after free in QR Code Generator. (CVE-2022-1127) Inappropriate implementation in Web Share API. (CVE-2022-1128) Inappropriate implementation in Full Screen Mode. (CVE-2022-1129) Insufficient validation of untrusted input in WebOTP. (CVE-2022-1130) Use after free in Cast UI. (CVE-2022-1131) Inappropriate implementation in Virtual Keyboard. (CVE-2022-1132) Use after free in WebRTC. (CVE-2022-1133) Type Confusion in V8. (CVE-2022-1134) Use after free in Shopping Cart. (CVE-2022-1135) Use after free in Tab Strip. (CVE-2022-1136) Inappropriate implementation in Extensions. (CVE-2022-1137) Inappropriate implementation in Web Cursor. (CVE-2022-1138) Inappropriate implementation in Background Fetch API. (CVE-2022-1139) Use after free in File Manager. (CVE-2022-1141) Heap buffer overflow in WebUI. (CVE-2022-1142) Heap buffer overflow in WebUI. (CVE-2022-1143) Use after free in WebUI. (CVE-2022-1144) Use after free in Extensions. (CVE-2022-1145) Inappropriate implementation in Resource Timing. (CVE-2022-1146) Affected Software/OS: 'chromium-browser-stable' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-1125 https://security.gentoo.org/glsa/202208-25 https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html https://crbug.com/1292261 Common Vulnerability Exposure (CVE) ID: CVE-2022-1127 https://crbug.com/1291891 Common Vulnerability Exposure (CVE) ID: CVE-2022-1128 https://crbug.com/1301920 Common Vulnerability Exposure (CVE) ID: CVE-2022-1129 https://crbug.com/1300253 Common Vulnerability Exposure (CVE) ID: CVE-2022-1130 https://crbug.com/1142269 Common Vulnerability Exposure (CVE) ID: CVE-2022-1131 https://crbug.com/1297404 Common Vulnerability Exposure (CVE) ID: CVE-2022-1132 https://crbug.com/1303410 Common Vulnerability Exposure (CVE) ID: CVE-2022-1133 https://crbug.com/1305776 Common Vulnerability Exposure (CVE) ID: CVE-2022-1134 http://packetstormsecurity.com/files/172851/Chrome-Renderer-Type-Confusion-Remote-Code-Execution.html https://crbug.com/1308360 Common Vulnerability Exposure (CVE) ID: CVE-2022-1135 https://crbug.com/1285601 Common Vulnerability Exposure (CVE) ID: CVE-2022-1136 https://crbug.com/1280205 Common Vulnerability Exposure (CVE) ID: CVE-2022-1137 https://crbug.com/1289846 Common Vulnerability Exposure (CVE) ID: CVE-2022-1138 https://crbug.com/1246188 Common Vulnerability Exposure (CVE) ID: CVE-2022-1139 https://crbug.com/1268541 Common Vulnerability Exposure (CVE) ID: CVE-2022-1141 https://crbug.com/1303253 Common Vulnerability Exposure (CVE) ID: CVE-2022-1142 https://crbug.com/1303613 Common Vulnerability Exposure (CVE) ID: CVE-2022-1143 https://crbug.com/1303615 Common Vulnerability Exposure (CVE) ID: CVE-2022-1144 https://crbug.com/1304145 Common Vulnerability Exposure (CVE) ID: CVE-2022-1145 https://crbug.com/1304545 Common Vulnerability Exposure (CVE) ID: CVE-2022-1146 https://crbug.com/1290150
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.