ArchLinux: 202003-12: chromium: multiple issues

    Date: 20 Mar 2020
    Posted by: LinuxSecurity Advisories
    Arch Linux Security Advisory ASA-202003-12
    ==========================================
    
    Severity: High
    Date    : 2020-03-19
    CVE-ID  : CVE-2019-20503 CVE-2020-6422 CVE-2020-6424 CVE-2020-6425
              CVE-2020-6426  CVE-2020-6427 CVE-2020-6428 CVE-2020-6429
              CVE-2020-6449
    Package : chromium
    Type    : multiple issues
    Remote  : Yes
    Link    : https://security.archlinux.org/AVG-1118
    
    Summary
    =======
    
    The package chromium before version 80.0.3987.149-1 is vulnerable to
    multiple issues including access restriction bypass, arbitrary code
    execution and information disclosure.
    
    Resolution
    ==========
    
    Upgrade to 80.0.3987.149-1.
    
    # pacman -Syu "chromium>=80.0.3987.149-1"
    
    The problems have been fixed upstream in version 80.0.3987.149.
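
    The following is an added check, not part of the Arch advisory, for
    confirming on a host that the installed chromium package is at or past
    the fixed release before closing this advisory out. The version
    comparison is a small numeric re-implementation of pacman's vercmp(8)
    so it runs on any POSIX shell; the assumptions are that the version
    has no epoch prefix and no alphabetic suffixes (true for chromium),
    and that `pacman -Q` is available when the installed version is read.

```shell
#!/bin/sh
# Added example (not part of the Arch advisory): check whether the installed
# chromium package already carries the fix from ASA-202003-12.

FIXED_CHROMIUM="80.0.3987.149-1"

# Compare two Arch-style "pkgver-pkgrel" strings whose components are all
# numeric (true for chromium, e.g. 80.0.3987.149-1). Prints -1, 0 or 1 with
# the same meaning as pacman's vercmp(8). Assumption: no epoch prefix and no
# alphabetic suffixes; for those, defer to the real vercmp on an Arch host.
numeric_vercmp() {
    # Turn "pkgver-pkgrel" into one dotted list and append ".0" so that cut
    # always sees a delimiter; a missing trailing component compares as 0.
    a=$(printf '%s\n' "$1" | sed 's/-/./g; s/$/.0/')
    b=$(printf '%s\n' "$2" | sed 's/-/./g; s/$/.0/')
    i=1
    while :; do
        x=$(printf '%s\n' "$a" | cut -d. -f"$i")
        y=$(printf '%s\n' "$b" | cut -d. -f"$i")
        if [ -z "$x" ] && [ -z "$y" ]; then
            printf '%s\n' 0      # ran out of components on both sides: equal
            return 0
        fi
        x=${x:-0}
        y=${y:-0}
        if [ "$x" -lt "$y" ]; then printf '%s\n' -1; return 0; fi
        if [ "$x" -gt "$y" ]; then printf '%s\n' 1;  return 0; fi
        i=$((i + 1))
    done
}

# True (exit 0) when the given installed version is at or past the fixed one.
chromium_is_fixed() {
    [ "$(numeric_vercmp "$1" "$FIXED_CHROMIUM")" -ge 0 ]
}

# Read the installed version from pacman's local database and report.
# Exit status 1 means "still vulnerable", so this can gate a cron or CI job.
check_installed_chromium() {
    installed=$(pacman -Q chromium 2>/dev/null | awk '{print $2}')
    if [ -z "$installed" ]; then
        printf '%s\n' "chromium: not installed"
        return 0
    fi
    if chromium_is_fixed "$installed"; then
        printf '%s\n' "chromium $installed: fixed (>= $FIXED_CHROMIUM)"
        return 0
    fi
    printf '%s\n' "chromium $installed: VULNERABLE; run: pacman -Syu \"chromium>=$FIXED_CHROMIUM\""
    return 1
}

# Only touch the package database when pacman is present; the comparison
# functions above work on any POSIX shell.
if command -v pacman >/dev/null 2>&1; then
    check_installed_chromium
fi
```

    Note that `pacman -Q` reports the version in the local package
    database, not the binary a running browser was started from: a
    chromium process that was already open when the upgrade ran keeps the
    old code until it is restarted.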
    
    Workaround
    ==========
    
    None.
    
    Description
    ===========
    
    - CVE-2019-20503 (information disclosure)
    
    An out-of-bounds read has been found in Firefox before 74, Thunderbird
    before 68.6 and chromium before 80.0.3987.149. The inputs to
    sctp_load_addresses_from_init are validated beforehand by
    sctp_arethere_unrecognized_parameters; however, the two functions
    applied different bounds checks to the parameters, so a parameter that
    lies partially outside its chunk passes validation and is then read
    past the end of the chunk.
    
    - CVE-2020-6422 (arbitrary code execution)
    
    A use-after-free security issue has been found in the WebGL component
    of the chromium browser before 80.0.3987.149.
    
    - CVE-2020-6424 (arbitrary code execution)
    
    A use-after-free security issue has been found in the media component
    of the chromium browser before 80.0.3987.149.
    
    - CVE-2020-6425 (access restriction bypass)
    
    An insufficient policy enforcement security issue has been found in the
    extensions component of the chromium browser before 80.0.3987.149.
    
    - CVE-2020-6426 (access restriction bypass)
    
    An inappropriate implementation security issue has been found in the V8
    component of the chromium browser before 80.0.3987.149.
    
    - CVE-2020-6427 (arbitrary code execution)
    
    A use-after-free security issue has been found in the audio component
    of the chromium browser before 80.0.3987.149.
    
    - CVE-2020-6428 (arbitrary code execution)
    
    A use-after-free security issue has been found in the audio component
    of the chromium browser before 80.0.3987.149.
    
    - CVE-2020-6429 (arbitrary code execution)
    
    A use-after-free security issue has been found in the audio component
    of the chromium browser before 80.0.3987.149.
    
    - CVE-2020-6449 (arbitrary code execution)
    
    A use-after-free security issue has been found in the audio component
    of the chromium browser before 80.0.3987.149.
    
    Impact
    ======
    
    A remote attacker can access sensitive information, bypass security
    measures and possibly execute arbitrary code on the affected host.
    
    References
    ==========
    
    https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_18.html
    https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2019-20503
    https://www.mozilla.org/en-US/security/advisories/mfsa2020-10/#CVE-2019-20503
    https://bugzilla.mozilla.org/show_bug.cgi?id=1613765
    https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html
    https://crbug.com/1059349
    https://crbug.com/1051748
    https://crbug.com/1031142
    https://crbug.com/1031670
    https://crbug.com/1052647
    https://crbug.com/1055788
    https://crbug.com/1057593
    https://crbug.com/1057627
    https://crbug.com/1059686
    https://security.archlinux.org/CVE-2019-20503
    https://security.archlinux.org/CVE-2020-6422
    https://security.archlinux.org/CVE-2020-6424
    https://security.archlinux.org/CVE-2020-6425
    https://security.archlinux.org/CVE-2020-6426
    https://security.archlinux.org/CVE-2020-6427
    https://security.archlinux.org/CVE-2020-6428
    https://security.archlinux.org/CVE-2020-6429
    https://security.archlinux.org/CVE-2020-6449
    
    