Test ID:	1.3.6.1.4.1.25623.1.1.10.2024.0178
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2024-0178)
Summary:	The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2024-0178 advisory.
Description:	Summary: The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2024-0178 advisory. Vulnerability Insight: The chromium-browser-stable package has been updated to the 124.0.6367.207 release. It includes 4 security fixes. Please, do note, only x86_64 is supported from now on. i586 support for linux was stopped some years ago and the community is not able to provide patches anymore for the latest Chromium code. Some of the security fixes are: * High CVE-2024-4761: Out of bounds write in V8. Reported by Anonymous on 2024-05-09 * High CVE-2024-4671: Use after free in Visuals. Reported by Anonymous on 2024-05-07 * High CVE-2024-4558: Use after free in ANGLE. Reported by gelatin dessert on 2024-04-29 * High CVE-2024-4559: Heap buffer overflow in WebAudio. Reported by Cassidy Kim(@cassidy6564) on 2024-03-2 Google is aware that exploits for CVE-2024-4761 and CVE-2024-4671 exist in the wild. Affected Software/OS: 'chromium-browser-stable' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2024-4558 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FAWEKDQTHPN7NFEMLIWP7YMIZ2DHF36N/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BWFSZNNWSQYDRYKNLBDGEXXKMBXDYQ3F/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/ https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html https://issues.chromium.org/issues/337766133 Common Vulnerability Exposure (CVE) ID: CVE-2024-4559 https://issues.chromium.org/issues/331369797 Common Vulnerability Exposure (CVE) ID: CVE-2024-4671 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/ https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html https://issues.chromium.org/issues/339266700 Common Vulnerability Exposure (CVE) ID: CVE-2024-4761 https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_13.html https://issues.chromium.org/issues/339458194
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.