 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.1.18.1.2024.0254.2 |
| Category: | openSUSE Local Security Checks |
| Title: | openSUSE Security Advisory (openSUSE-SU-2024:0254-2) |
| Summary: | The remote host is missing an update for the 'chromium, gn, rust-bindgen' package(s) announced via the openSUSE-SU-2024:0254-2 advisory. |
| Description: | Summary: The remote host is missing an update for the 'chromium, gn, rust-bindgen' package(s) announced via the openSUSE-SU-2024:0254-2 advisory. Vulnerability Insight: This update for chromium, gn, rust-bindgen fixes the following issues: - Chromium 127.0.6533.119 (boo#1228941) * CVE-2024-7532: Out of bounds memory access in ANGLE * CVE-2024-7533: Use after free in Sharing * CVE-2024-7550: Type Confusion in V8 * CVE-2024-7534: Heap buffer overflow in Layout * CVE-2024-7535: Inappropriate implementation in V8 * CVE-2024-7536: Use after free in WebAudio - Chromium 127.0.6533.88 (boo#1228628, boo#1228940, boo#1228942) * CVE-2024-6988: Use after free in Downloads * CVE-2024-6989: Use after free in Loader * CVE-2024-6991: Use after free in Dawn * CVE-2024-6992: Out of bounds memory access in ANGLE * CVE-2024-6993: Inappropriate implementation in Canvas * CVE-2024-6994: Heap buffer overflow in Layout * CVE-2024-6995: Inappropriate implementation in Fullscreen * CVE-2024-6996: Race in Frames * CVE-2024-6997: Use after free in Tabs * CVE-2024-6998: Use after free in User Education * CVE-2024-6999: Inappropriate implementation in FedCM * CVE-2024-7000: Use after free in CSS. Reported by Anonymous * CVE-2024-7001: Inappropriate implementation in HTML * CVE-2024-7003: Inappropriate implementation in FedCM * CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing * CVE-2024-7005: Insufficient validation of untrusted input in Safe Browsing * CVE-2024-6990: Uninitialized Use in Dawn * CVE-2024-7255: Out of bounds read in WebTransport * CVE-2024-7256: Insufficient data validation in Dawn gh: - Update to version 0.20240730: * Rust: link_output, depend_output and runtime_outputs for dylibs * Add missing reference section to function_toolchain.cc * Do not cleanup args.gn imports located in the output directory. * Fix expectations in NinjaRustBinaryTargetWriterTest.SwiftModule * Do not add native dependencies to the library search path * Support linking frameworks and swiftmodules in Rust targets * [desc] Silence print() statements when outputing json * infra: Move CI/try builds to Ubuntu-22.04 * [MinGW] Fix mingw building issues * [gn] Fix 'link' in the //examples/simple_build/build/toolchain/BUILD.gn * [template] Fix 'rule alink_thin' in the //build/build_linux.ninja.template * Allow multiple --ide switches * [src] Add '#include * Get updates to infra/recipes.py from upstream * Revert 'Teach gn to handle systems with > 64 processors' * [apple] Rename the code-signing properties of create_bundle * Fix a typo in 'gn help refs' output * Revert '[bundle] Use 'phony' builtin tool for create_bundle targets' * [bundle] Use 'phony' builtin tool for create_bundle targets * [ios] Simplify handling of assets catalog * [swift] List all outputs as deps of 'source_set' stamp file * [swift] Update `gn check ...` to consider the generated header * [swift] Set `restat = 1` to swift build rules * Fix build with gcc12 * [label_matches] Add ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'chromium, gn, rust-bindgen' package(s) on openSUSE Leap 15.5, openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2024-6988 Common Vulnerability Exposure (CVE) ID: CVE-2024-6989 Common Vulnerability Exposure (CVE) ID: CVE-2024-6990 Common Vulnerability Exposure (CVE) ID: CVE-2024-6991 Common Vulnerability Exposure (CVE) ID: CVE-2024-6992 Common Vulnerability Exposure (CVE) ID: CVE-2024-6993 Common Vulnerability Exposure (CVE) ID: CVE-2024-6994 Common Vulnerability Exposure (CVE) ID: CVE-2024-6995 Common Vulnerability Exposure (CVE) ID: CVE-2024-6996 Common Vulnerability Exposure (CVE) ID: CVE-2024-6997 Common Vulnerability Exposure (CVE) ID: CVE-2024-6998 Common Vulnerability Exposure (CVE) ID: CVE-2024-6999 Common Vulnerability Exposure (CVE) ID: CVE-2024-7000 Common Vulnerability Exposure (CVE) ID: CVE-2024-7001 Common Vulnerability Exposure (CVE) ID: CVE-2024-7003 Common Vulnerability Exposure (CVE) ID: CVE-2024-7004 Common Vulnerability Exposure (CVE) ID: CVE-2024-7005 Common Vulnerability Exposure (CVE) ID: CVE-2024-7255 Common Vulnerability Exposure (CVE) ID: CVE-2024-7256 Common Vulnerability Exposure (CVE) ID: CVE-2024-7532 Common Vulnerability Exposure (CVE) ID: CVE-2024-7533 Common Vulnerability Exposure (CVE) ID: CVE-2024-7534 Common Vulnerability Exposure (CVE) ID: CVE-2024-7535 Common Vulnerability Exposure (CVE) ID: CVE-2024-7536 Common Vulnerability Exposure (CVE) ID: CVE-2024-7550 |
| Copyright | Copyright (C) 2025 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |