Discover Government News

Arch Linux Security Advisory ASA-201703-4
========================================
Severity: Critical
Date    : 2017-03-11
CVE-ID  : CVE-2017-5029 CVE-2017-5030 CVE-2017-5031 CVE-2017-5032
          CVE-2017-5033 CVE-2017-5034 CVE-2017-5035 CVE-2017-5036
          CVE-2017-5037 CVE-2017-5038 CVE-2017-5039 CVE-2017-5040
          CVE-2017-5042 CVE-2017-5043 CVE-2017-5044 CVE-2017-5045
          CVE-2017-5046
Package : chromium
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-197

Summary
======
The package chromium before version 57.0.2987.98-1 is vulnerable to
multiple issues including arbitrary code execution, content spoofing,
access restriction bypass and information disclosure.

Resolution
=========
Upgrade to 57.0.2987.98-1.

# pacman -Syu "chromium>=57.0.2987.98-1"

The problems have been fixed upstream in version 57.0.2987.98.

Workaround
=========
None.

Description
==========
- CVE-2017-5029 (arbitrary code execution)

An integer overflow issue has been found in libxslt, leading to an out
of bounds write on 64-bit systems.

- CVE-2017-5030 (arbitrary code execution)

A memory corruption flaw was found in the V8 component of the Chromium
browser.

- CVE-2017-5031 (arbitrary code execution)

A use-after-free flaw has been found in the ANGLE component of the
Chromium browser.

- CVE-2017-5032 (arbitrary code execution)

An out of bounds write flaw has been found in the PDFium component of
the Chromium browser.

- CVE-2017-5033 (access restriction bypass)

A flaw allowing to bypass the content security policy has been found in
the Blink component of the Chromium browser.

- CVE-2017-5034 (arbitrary code execution)

A use after free flaw has been found in the PDFium component of the
Chromium browser.

- CVE-2017-5035 (content spoofing)

An incorrect security ui flaw was found in the Omnibox component of the
Chromium browser.

- CVE-2017-5036 (arbitrary code execution)

A use after free flaw has been found in the PDFium component of the
Chromium browser.

- CVE-2017-5037 (arbitrary code execution)

Multiple out of bounds writes have been found in the ChunkDemuxer
component of the Chromium browser.

- CVE-2017-5038 (arbitrary code execution)

A use after free flaw has been found in the GuestView component of the
Chromium browser.

- CVE-2017-5039 (arbitrary code execution)

A use after free flaw has been found in the PDFium component of the
Chromium browser.

- CVE-2017-5040 (information disclosure)

An information disclosure flaw has been found in the V8 component of
the Chromium browser.

- CVE-2017-5042 (information disclosure)

An issue resulting from incorrect handling of cookies has been found in
the Cast component of the Chromium browser.

- CVE-2017-5043 (arbitrary code execution)

A use after free flaw has been found in the GuestView component of the
Chromium browser.

- CVE-2017-5044 (arbitrary code execution)

A heap overflow flaw has been found in the Skia component of the
Chromium browser.

- CVE-2017-5045 (information disclosure)

An information disclosure flaw has been found in the XSS Auditor
component of the Chromium browser.

- CVE-2017-5046 (information disclosure)

An information disclosure flaw has been found in the Blink component of
the Chromium browser.

Impact
=====
A remote attacker can spoof an address in omnibox, bypass the content
security policy, access sensitive information and execute arbitrary
code on the affected host.

References
=========
https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
https://gitlab.gnome.org/GNOME/libxslt/-/commit/08ab2774b870de1c7b5a48693df75e8154addae5
https://bugs.chromium.org/p/chromium/issues/detail
https://bugs.chromium.org/p/chromium/issues/detail
https://bugs.chromium.org/p/chromium/issues/detail
https://bugs.chromium.org/p/chromium/issues/detail
https://bugs.chromium.org/p/chromium/issues/detail
https://bugs.chromium.org/p/chromium/issues/detail
https://bugs.chromium.org/p/chromium/issues/detail
https://bugs.chromium.org/p/chromium/issues/detail
https://bugs.chromium.org/p/chromium/issues/detail
https://bugs.chromium.org/p/chromium/issues/detail
https://bugs.chromium.org/p/chromium/issues/detail
https://bugs.chromium.org/p/chromium/issues/detail
https://bugs.chromium.org/p/chromium/issues/detail
https://bugs.chromium.org/p/chromium/issues/detail
https://bugs.chromium.org/p/chromium/issues/detail
https://bugs.chromium.org/p/chromium/issues/detail
https://bugs.chromium.org/p/chromium/issues/detail
https://security.archlinux.org/CVE-2017-5029
https://security.archlinux.org/CVE-2017-5030
https://security.archlinux.org/CVE-2017-5031
https://security.archlinux.org/CVE-2017-5032
https://security.archlinux.org/CVE-2017-5033
https://security.archlinux.org/CVE-2017-5034
https://security.archlinux.org/CVE-2017-5035
https://security.archlinux.org/CVE-2017-5036
https://security.archlinux.org/CVE-2017-5037
https://security.archlinux.org/CVE-2017-5038
https://security.archlinux.org/CVE-2017-5039
https://security.archlinux.org/CVE-2017-5040
https://security.archlinux.org/CVE-2017-5042
https://security.archlinux.org/CVE-2017-5043
https://security.archlinux.org/CVE-2017-5044
https://security.archlinux.org/CVE-2017-5045
https://security.archlinux.org/CVE-2017-5046

ArchLinux: 201703-4: chromium: multiple issues

March 11, 2017

Summary

- CVE-2017-5029 (arbitrary code execution) An integer overflow issue has been found in libxslt, leading to an out of bounds write on 64-bit systems.
- CVE-2017-5030 (arbitrary code execution)
A memory corruption flaw was found in the V8 component of the Chromium browser.
- CVE-2017-5031 (arbitrary code execution)
A use-after-free flaw has been found in the ANGLE component of the Chromium browser.
- CVE-2017-5032 (arbitrary code execution)
An out of bounds write flaw has been found in the PDFium component of the Chromium browser.
- CVE-2017-5033 (access restriction bypass)
A flaw allowing to bypass the content security policy has been found in the Blink component of the Chromium browser.
- CVE-2017-5034 (arbitrary code execution)
A use after free flaw has been found in the PDFium component of the Chromium browser.
- CVE-2017-5035 (content spoofing)
An incorrect security ui flaw was found in the Omnibox component of the Chromium browser.
- CVE-2017-5036 (arbitrary code execution)
A use after free flaw has been found in the PDFium component of the Chromium browser.
- CVE-2017-5037 (arbitrary code execution)
Multiple out of bounds writes have been found in the ChunkDemuxer component of the Chromium browser.
- CVE-2017-5038 (arbitrary code execution)
A use after free flaw has been found in the GuestView component of the Chromium browser.
- CVE-2017-5039 (arbitrary code execution)
A use after free flaw has been found in the PDFium component of the Chromium browser.
- CVE-2017-5040 (information disclosure)
An information disclosure flaw has been found in the V8 component of the Chromium browser.
- CVE-2017-5042 (information disclosure)
An issue resulting from incorrect handling of cookies has been found in the Cast component of the Chromium browser.
- CVE-2017-5043 (arbitrary code execution)
A use after free flaw has been found in the GuestView component of the Chromium browser.
- CVE-2017-5044 (arbitrary code execution)
A heap overflow flaw has been found in the Skia component of the Chromium browser.
- CVE-2017-5045 (information disclosure)
An information disclosure flaw has been found in the XSS Auditor component of the Chromium browser.
- CVE-2017-5046 (information disclosure)
An information disclosure flaw has been found in the Blink component of the Chromium browser.

Resolution

Upgrade to 57.0.2987.98-1. # pacman -Syu "chromium>=57.0.2987.98-1"
The problems have been fixed upstream in version 57.0.2987.98.

References

https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html https://gitlab.gnome.org/GNOME/libxslt/-/commit/08ab2774b870de1c7b5a48693df75e8154addae5 https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://security.archlinux.org/CVE-2017-5029 https://security.archlinux.org/CVE-2017-5030 https://security.archlinux.org/CVE-2017-5031 https://security.archlinux.org/CVE-2017-5032 https://security.archlinux.org/CVE-2017-5033 https://security.archlinux.org/CVE-2017-5034 https://security.archlinux.org/CVE-2017-5035 https://security.archlinux.org/CVE-2017-5036 https://security.archlinux.org/CVE-2017-5037 https://security.archlinux.org/CVE-2017-5038 https://security.archlinux.org/CVE-2017-5039 https://security.archlinux.org/CVE-2017-5040 https://security.archlinux.org/CVE-2017-5042 https://security.archlinux.org/CVE-2017-5043 https://security.archlinux.org/CVE-2017-5044 https://security.archlinux.org/CVE-2017-5045 https://security.archlinux.org/CVE-2017-5046

Severity
CVE-2017-5033 CVE-2017-5034 CVE-2017-5035 CVE-2017-5036
CVE-2017-5037 CVE-2017-5038 CVE-2017-5039 CVE-2017-5040
CVE-2017-5042 CVE-2017-5043 CVE-2017-5044 CVE-2017-5045
CVE-2017-5046
Package : chromium
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-197

Workaround

None.

Related News