ArchLinux: 202004-9: chromium: multiple issues

    Date 10 Apr 2020
    Posted By LinuxSecurity Advisories
    The package chromium before version 81.0.4044.92-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure, access restriction bypass and insufficient validation.
    Arch Linux Security Advisory ASA-202004-9
    =========================================
    
    Severity: High
    Date    : 2020-04-08
    CVE-ID  : CVE-2020-6423 CVE-2020-6430 CVE-2020-6431 CVE-2020-6432
              CVE-2020-6433 CVE-2020-6434 CVE-2020-6435 CVE-2020-6436
              CVE-2020-6437 CVE-2020-6438 CVE-2020-6439 CVE-2020-6440
              CVE-2020-6441 CVE-2020-6442 CVE-2020-6443 CVE-2020-6444
              CVE-2020-6445 CVE-2020-6446 CVE-2020-6447 CVE-2020-6448
              CVE-2020-6454 CVE-2020-6455 CVE-2020-6456
    Package : chromium
    Type    : multiple issues
    Remote  : Yes
    Link    : https://security.archlinux.org/AVG-1128
    
    Summary
    =======
    
    The package chromium before version 81.0.4044.92-1 is vulnerable to
    multiple issues including arbitrary code execution, information
    disclosure, access restriction bypass and insufficient validation.
    
    Resolution
    ==========
    
    Upgrade to 81.0.4044.92-1.
    
    # pacman -Syu "chromium>=81.0.4044.92-1"
    
    The problems have been fixed upstream in version 81.0.4044.92.
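    The version constraint in the pacman command above is the whole test for whether a host is affected: any installed chromium older than 81.0.4044.92-1 needs the upgrade. The following script is an added example, not part of the Arch advisory, that applies that test to `pacman -Q` output; it assumes numeric dot-separated pkgver segments (all the versions in this advisory), whereas pacman's real vercmp also orders alphabetic segments, and the sample package list is constructed.

```python
"""Check installed chromium against the fixed version from ASA-202004-9."""

FIXED_VERSION = "81.0.4044.92-1"  # from the advisory's Resolution section


def split_version(version):
    """Split '[epoch:]pkgver[-pkgrel]' into (epoch, pkgver segments, pkgrel).

    Assumption: pkgver segments are numeric, which holds for every chromium
    version in this advisory; alphabetic segments are not handled here.
    """
    epoch = 0
    if ":" in version:
        epoch_str, version = version.split(":", 1)
        epoch = int(epoch_str)
    pkgver, _, pkgrel = version.partition("-")
    segments = [int(s) for s in pkgver.split(".")]
    rel = int(pkgrel) if pkgrel else None  # None: no pkgrel given
    return epoch, segments, rel


def compare_versions(a, b):
    """Return -1, 0 or 1 in the spirit of pacman's vercmp (numeric only)."""
    ea, sa, ra = split_version(a)
    eb, sb, rb = split_version(b)
    # Epoch wins first; then segment-by-segment, a longer list being newer.
    key_a, key_b = (ea, sa), (eb, sb)
    if key_a != key_b:
        return -1 if key_a < key_b else 1
    if ra is None or rb is None:  # pkgrel only matters when both sides have one
        return 0
    return (ra > rb) - (ra < rb)


def is_affected(installed_version, fixed_version=FIXED_VERSION):
    """True when the installed version is older than the fixed one."""
    return compare_versions(installed_version, fixed_version) < 0


def affected_packages(pacman_q_output, package="chromium"):
    """Parse 'name version' lines (pacman -Q format) and list affected entries."""
    hits = []
    for line in pacman_q_output.splitlines():
        parts = line.split()
        if len(parts) == 2 and parts[0] == package and is_affected(parts[1]):
            hits.append((parts[0], parts[1]))
    return hits


# Constructed sample of `pacman -Q` output, not captured from a real system.
SAMPLE_PACMAN_Q = "chromium 81.0.4044.69-1\nfirefox 75.0-1\nvlc 1:3.0.8-6\n"

if __name__ == "__main__":
    for name, version in affected_packages(SAMPLE_PACMAN_Q):
        print(f"{name} {version} is affected; upgrade to {name}>={FIXED_VERSION}")
```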
    
    Workaround
    ==========
    
    None.
    
    Description
    ===========
    
    - CVE-2020-6423 (arbitrary code execution)
    
    A use-after-free security issue has been found in the audio component
    of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6430 (arbitrary code execution)
    
    A type confusion security issue has been found in the V8 component of
    the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6431 (access restriction bypass)
    
    An insufficient policy enforcement security issue has been found in the
    full screen component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6432 (access restriction bypass)
    
    An insufficient policy enforcement security issue has been found in the
    navigations component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6433 (access restriction bypass)
    
    An insufficient policy enforcement security issue has been found in the
    extensions component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6434 (arbitrary code execution)
    
    A use-after-free security issue has been found in the devtools
    component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6435 (access restriction bypass)
    
    An insufficient policy enforcement security issue has been found in the
    extensions component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6436 (arbitrary code execution)
    
    A use-after-free security issue has been found in the window management
    component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6437 (access restriction bypass)
    
    An inappropriate implementation security issue has been found in the
    WebView component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6438 (access restriction bypass)
    
    An insufficient policy enforcement security issue has been found in the
    extensions component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6439 (access restriction bypass)
    
    An insufficient policy enforcement security issue has been found in the
    navigations component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6440 (access restriction bypass)
    
    An inappropriate implementation security issue has been found in the
    extensions component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6441 (access restriction bypass)
    
    An insufficient policy enforcement security issue has been found in the
    omnibox component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6442 (access restriction bypass)
    
    An inappropriate implementation security issue has been found in the
    cache component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6443 (insufficient validation)
    
    An insufficient data validation security issue has been found in the
    developer tools component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6444 (information disclosure)
    
    An uninitialized memory use issue has been found in the WebRTC
    component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6445 (access restriction bypass)
    
    An insufficient policy enforcement security issue has been found in the
    trusted types component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6446 (access restriction bypass)
    
    An insufficient policy enforcement security issue has been found in the
    trusted types component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6447 (access restriction bypass)
    
    An inappropriate implementation security issue has been found in the
    developer tools component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6448 (arbitrary code execution)
    
    A use-after-free security issue has been found in the V8 component of
    the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6454 (arbitrary code execution)
    
    A use-after-free security issue has been found in the extensions
    component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6455 (information disclosure)
    
    An out-of-bounds read security issue has been found in the WebSQL
    component of the chromium browser before 81.0.4044.92.
    
    - CVE-2020-6456 (insufficient validation)
    
    An insufficient validation of untrusted input security issue has been
    found in the clipboard component of the chromium browser before
    81.0.4044.92.
    
    Impact
    ======
    
    A remote attacker might be able to access sensitive information, bypass
    security measures or execute arbitrary code.
    
    References
    ==========
    
    https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html
    https://crbug.com/1043446
    https://crbug.com/1031479
    https://crbug.com/852645
    https://crbug.com/965611
    https://crbug.com/1043965
    https://crbug.com/1048555
    https://crbug.com/1032158
    https://crbug.com/1034519
    https://crbug.com/639173
    https://crbug.com/714617
    https://crbug.com/868145
    https://crbug.com/894477
    https://crbug.com/959571
    https://crbug.com/1013906
    https://crbug.com/1040080
    https://crbug.com/922882
    https://crbug.com/933171
    https://crbug.com/933172
    https://crbug.com/991217
    https://crbug.com/1037872
    https://crbug.com/1019161
    https://crbug.com/1059669
    https://crbug.com/1040755
    https://security.archlinux.org/CVE-2020-6423
    https://security.archlinux.org/CVE-2020-6430
    https://security.archlinux.org/CVE-2020-6431
    https://security.archlinux.org/CVE-2020-6432
    https://security.archlinux.org/CVE-2020-6433
    https://security.archlinux.org/CVE-2020-6434
    https://security.archlinux.org/CVE-2020-6435
    https://security.archlinux.org/CVE-2020-6436
    https://security.archlinux.org/CVE-2020-6437
    https://security.archlinux.org/CVE-2020-6438
    https://security.archlinux.org/CVE-2020-6439
    https://security.archlinux.org/CVE-2020-6440
    https://security.archlinux.org/CVE-2020-6441
    https://security.archlinux.org/CVE-2020-6442
    https://security.archlinux.org/CVE-2020-6443
    https://security.archlinux.org/CVE-2020-6444
    https://security.archlinux.org/CVE-2020-6445
    https://security.archlinux.org/CVE-2020-6446
    https://security.archlinux.org/CVE-2020-6447
    https://security.archlinux.org/CVE-2020-6448
    https://security.archlinux.org/CVE-2020-6454
    https://security.archlinux.org/CVE-2020-6455
    https://security.archlinux.org/CVE-2020-6456
    
    
