ArchLinux: 202103-8: opera: arbitrary code execution
Summary
- CVE-2021-21149 (arbitrary code execution)
A stack overflow security issue was found in the Data Transfer
component of the Chromium browser before version 88.0.4324.182.
- CVE-2021-21150 (arbitrary code execution)
A use after free security issue was found in the Downloads component of
the Chromium browser before version 88.0.4324.182.
- CVE-2021-21151 (arbitrary code execution)
A use after free security issue was found in the Payments component of
the Chromium browser before version 88.0.4324.182.
- CVE-2021-21152 (arbitrary code execution)
A heap buffer overflow security issue was found in the Media component
of the Chromium browser before version 88.0.4324.182.
- CVE-2021-21153 (arbitrary code execution)
A stack overflow security issue was found in the GPU Process component
of the Chromium browser before version 88.0.4324.182.
- CVE-2021-21154 (arbitrary code execution)
A heap buffer overflow security issue was found in the Tab Strip
component of the Chromium browser before version 88.0.4324.182.
- CVE-2021-21155 (arbitrary code execution)
A heap buffer overflow security issue was found in the Tab Strip
component of the Chromium browser before version 88.0.4324.182.
- CVE-2021-21156 (arbitrary code execution)
A heap buffer overflow security issue was found in the V8 component of
the Chromium browser before version 88.0.4324.182.
- CVE-2021-21157 (arbitrary code execution)
A use after free security issue was found in the Web Sockets component
of the Chromium browser before version 88.0.4324.182.
Resolution
Upgrade to 74.0.3911.203-1.
# pacman -Syu "opera>=74.0.3911.203-1"
The problems have been fixed upstream in version 74.0.3911.203.
References
https://blogs.opera.com/desktop/changelog-for-74/ https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://security.archlinux.org/CVE-2021-21149 https://security.archlinux.org/CVE-2021-21150 https://security.archlinux.org/CVE-2021-21151 https://security.archlinux.org/CVE-2021-21152 https://security.archlinux.org/CVE-2021-21153 https://security.archlinux.org/CVE-2021-21154 https://security.archlinux.org/CVE-2021-21155 https://security.archlinux.org/CVE-2021-21156 https://security.archlinux.org/CVE-2021-21157
Workaround
None.