Linux Security
    Linux Security
    Linux Security

    ArchLinux: 202011-11: chromium: multiple issues

    Date 18 Nov 2020
    2066
    Posted By LinuxSecurity Advisories
    The package chromium before version 87.0.4280.66-1 is vulnerable to multiple issues including access restriction bypass, arbitrary code execution, insufficient validation, content spoofing and information disclosure.
    Arch Linux Security Advisory ASA-202011-11
    ==========================================
    
    Severity: High
    Date    : 2020-11-17
    CVE-ID  : CVE-2020-16012 CVE-2020-16014 CVE-2020-16015 CVE-2020-16018
              CVE-2020-16019 CVE-2020-16020 CVE-2020-16021 CVE-2020-16022
              CVE-2020-16023 CVE-2020-16024 CVE-2020-16025 CVE-2020-16026
              CVE-2020-16027 CVE-2020-16028 CVE-2020-16029 CVE-2020-16030
              CVE-2020-16031 CVE-2020-16032 CVE-2020-16033 CVE-2020-16034
              CVE-2020-16035 CVE-2020-16036
    Package : chromium
    Type    : multiple issues
    Remote  : Yes
    Link    : https://security.archlinux.org/AVG-1277
    
    Summary
    =======
    
    The package chromium before version 87.0.4280.66-1 is vulnerable to
    multiple issues including access restriction bypass, arbitrary code
    execution, insufficient validation, content spoofing and information
    disclosure.
    
    Resolution
    ==========
    
    Upgrade to 87.0.4280.66-1.
    
    # pacman -Syu "chromium>=87.0.4280.66-1"
    
    The problems have been fixed upstream in version 87.0.4280.66.
    
    Workaround
    ==========
    
    None.
    
    Description
    ===========
    
    - CVE-2020-16012 (information disclosure)
    
    An information disclosure issue has been found in Firefox before 83.0
    and chromium before 87.0.4280.66. When drawing a transparent image on
    top of an unknown cross-origin image, the Skia library drawImage
    function took a variable amount of time depending on the content of the
    underlying image. This resulted in potential cross-origin information
    exposure of image content through timing side-channel attacks.
    
    - CVE-2020-16014 (arbitrary code execution)
    
    A use after free security issue has been found in the PPAPI component
    of the chromium browser before 87.0.4280.66.
    
    - CVE-2020-16015 (insufficient validation)
    
    An insufficient data validation security issue has been found in the
    WASM component of the chromium browser before 87.0.4280.66.
    
    - CVE-2020-16018 (arbitrary code execution)
    
    A use after free security issue has been found in the payments
    component of the chromium browser before 87.0.4280.66.
    
    - CVE-2020-16019 (access restriction bypass)
    
    An inappropriate implementation security issue has been found in the
    filesystem component of the chromium browser before 87.0.4280.66.
    
    - CVE-2020-16020 (access restriction bypass)
    
    An inappropriate implementation security issue has been found in the
    cryptohome component of the chromium browser before 87.0.4280.66.
    
    - CVE-2020-16021 (arbitrary code execution)
    
    A race condition has been found in the ImageBurner component of the
    chromium browser before 87.0.4280.66, leading to possible memory
    corruption.
    
    - CVE-2020-16022 (access restriction bypass)
    
    An insufficient policy enforcement security issue has been found in the
    networking component of the chromium browser before 87.0.4280.66.
    
    - CVE-2020-16023 (arbitrary code execution)
    
    A use after free security issue has been found in the WebCodecs
    component of the chromium browser before 87.0.4280.66.
    
    - CVE-2020-16024 (arbitrary code execution)
    
    A heap-based buffer overflow has been found in the UI component of the
    chromium browser before 87.0.4280.66.
    
    - CVE-2020-16025 (arbitrary code execution)
    
    A heap-based buffer overflow has been found in the clipboard component
    of the chromium browser before 87.0.4280.66.
    
    - CVE-2020-16026 (arbitrary code execution)
    
    A use after free security issue has been found in the WebRTC component
    of the chromium browser before 87.0.4280.66.
    
    - CVE-2020-16027 (access restriction bypass)
    
    An insufficient policy enforcement security issue has been found in the
    developer tools component of the chromium browser before 87.0.4280.66.
    
    - CVE-2020-16028 (arbitrary code execution)
    
    A heap-based buffer overflow has been found in the WebRTC component of
    the chromium browser before 87.0.4280.66.
    
    - CVE-2020-16029 (access restriction bypass)
    
    An inappropriate implementation security issue has been found in the
    PDFium component of the chromium browser before 87.0.4280.66.
    
    - CVE-2020-16030 (insufficient validation)
    
    An insufficient data validation security issue has been found in the
    Blink component of the chromium browser before 87.0.4280.66.
    
    - CVE-2020-16031 (content spoofing)
    
    An incorrect security UI issue has been found in the tab preview
    component of the chromium browser before 87.0.4280.66.
    
    - CVE-2020-16032 (content spoofing)
    
    An incorrect security UI issue has been found in the sharing component
    of the chromium browser before 87.0.4280.66.
    
    - CVE-2020-16033 (content spoofing)
    
    A incorrect security UI issue has been found in the WebUSB component of
    the chromium browser before 87.0.4280.66.
    
    - CVE-2020-16034 (access restriction bypass)
    
    An inappropriate implementation security issue has been found in the
    WebRTC component of the chromium browser before 87.0.4280.66.
    
    - CVE-2020-16035 (insufficient validation)
    
    An insufficient data validation security issue has been found in the
    cros-disks component of the chromium browser before 87.0.4280.66.
    
    - CVE-2020-16036 (access restriction bypass)
    
    An inappropriate implementation security issue has been found in the
    cookies component of the chromium browser before 87.0.4280.66.
    
    Impact
    ======
    
    A remote attacker might be able to trick a user into wrongly assessing
    the security of a website, WebUSB connection or a tab preview via UI
    spoofing. Further, a remote attacker may be able to bypass security
    restrictions, access sensitive information and execute arbitrary code
    
    References
    ==========
    
    https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html
    https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html
    https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-16012
    https://bugzilla.mozilla.org/show_bug.cgi?id=1642028
    https://crbug.com/1146675
    https://crbug.com/1146673
    https://crbug.com/1136078
    https://crbug.com/1139408
    https://crbug.com/1139411
    https://crbug.com/1139414
    https://crbug.com/1145680
    https://crbug.com/1146761
    https://crbug.com/1147430
    https://crbug.com/1147431
    https://crbug.com/1139153
    https://crbug.com/1116444
    https://crbug.com/1138446
    https://crbug.com/1134338
    https://crbug.com/1141350
    https://crbug.com/1133183
    https://crbug.com/1136714
    https://crbug.com/1143057
    https://crbug.com/1137362
    https://crbug.com/1139409
    https://crbug.com/830808
    https://security.archlinux.org/CVE-2020-16012
    https://security.archlinux.org/CVE-2020-16014
    https://security.archlinux.org/CVE-2020-16015
    https://security.archlinux.org/CVE-2020-16018
    https://security.archlinux.org/CVE-2020-16019
    https://security.archlinux.org/CVE-2020-16020
    https://security.archlinux.org/CVE-2020-16021
    https://security.archlinux.org/CVE-2020-16022
    https://security.archlinux.org/CVE-2020-16023
    https://security.archlinux.org/CVE-2020-16024
    https://security.archlinux.org/CVE-2020-16025
    https://security.archlinux.org/CVE-2020-16026
    https://security.archlinux.org/CVE-2020-16027
    https://security.archlinux.org/CVE-2020-16028
    https://security.archlinux.org/CVE-2020-16029
    https://security.archlinux.org/CVE-2020-16030
    https://security.archlinux.org/CVE-2020-16031
    https://security.archlinux.org/CVE-2020-16032
    https://security.archlinux.org/CVE-2020-16033
    https://security.archlinux.org/CVE-2020-16034
    https://security.archlinux.org/CVE-2020-16035
    https://security.archlinux.org/CVE-2020-16036
    
    

    LinuxSecurity Poll

    How long have you been using Linux?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    /main-polls/46-how-long-have-you-been-using-linux?task=poll.vote&format=json
    46
    radio
    [{"id":"160","title":"Just made the switch!","votes":"3","type":"x","order":"1","pct":30,"resources":[]},{"id":"161","title":"1-5 years","votes":"1","type":"x","order":"2","pct":10,"resources":[]},{"id":"162","title":"6-10 years","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"163","title":">10 years - I'm a veteran!","votes":"6","type":"x","order":"4","pct":60,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.