Arch Linux Security Advisory ASA-202112-1
=========================================
Severity: High
Date    : 2021-12-03
CVE-ID  : CVE-2021-37981 CVE-2021-37982 CVE-2021-37984 CVE-2021-37985
          CVE-2021-37986 CVE-2021-37987 CVE-2021-37988 CVE-2021-37989
          CVE-2021-37990 CVE-2021-37991 CVE-2021-37992 CVE-2021-37993
          CVE-2021-37994 CVE-2021-37995 CVE-2021-37996 CVE-2021-37998
          CVE-2021-38000 CVE-2021-38001 CVE-2021-38003 CVE-2021-38004
          CVE-2021-38005 CVE-2021-38006 CVE-2021-38007 CVE-2021-38008
          CVE-2021-38009 CVE-2021-38010 CVE-2021-38011 CVE-2021-38012
          CVE-2021-38013 CVE-2021-38014 CVE-2021-38015 CVE-2021-38016
          CVE-2021-38017 CVE-2021-38018 CVE-2021-38019 CVE-2021-38020
          CVE-2021-38021 CVE-2021-38022
Package : vivaldi
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-2475

Summary
=======
The package vivaldi before version 5.0.2497.24-1 is vulnerable to
multiple issues including arbitrary code execution, insufficient
validation, access restriction bypass, content spoofing, information
disclosure, same-origin policy bypass, sandbox escape and denial of
service.

Resolution
==========
Upgrade to 5.0.2497.24-1.

# pacman -Syu "vivaldi>=5.0.2497.24-1"

The problems have been fixed upstream in version 5.0.2497.24.
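
The following check is an added example, not part of the original advisory: it reports whether a vivaldi package version is older than the fixed version named above. The function names, the `sort -V` fallback and the "host version" inventory format are assumptions of this example.

```sh
#!/bin/sh
# Added example: is a vivaldi package version still covered by ASA-202112-1?
# FIXED is the package version named in the advisory's Resolution section.
FIXED="5.0.2497.24-1"

# ver_lt A B: succeed when package version A sorts before B.
# Uses pacman's vercmp when present. The `sort -V` fallback is an assumption
# for hosts without pacman and does not understand epochs.
ver_lt() {
    if command -v vercmp >/dev/null 2>&1; then
        [ "$(vercmp "$1" "$2")" -lt 0 ]
    else
        [ "$1" != "$2" ] &&
            [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
    fi
}

# vivaldi_status [VERSION]: print the state and return
#   0 = fixed, 1 = vulnerable, 2 = not installed.
# Without an argument the installed version is read from the local pacman db.
vivaldi_status() {
    installed="${1:-}"
    if [ -z "$installed" ]; then
        # `pacman -Q vivaldi` prints "vivaldi <version>"
        installed="$(pacman -Q vivaldi 2>/dev/null | awk '{print $2}')"
    fi
    if [ -z "$installed" ]; then
        echo "not-installed"
        return 2
    fi
    if ver_lt "$installed" "$FIXED"; then
        echo "vulnerable"
        return 1
    fi
    echo "fixed"
}

# audit_inventory: read "host version" lines on stdin (constructed inventory
# format) and print the hosts that still need the upgrade.
audit_inventory() {
    while read -r host version; do
        [ -n "$host" ] || continue
        if ver_lt "$version" "$FIXED"; then
            echo "$host"
        fi
    done
}
```

Run `vivaldi_status` with no argument on an Arch host to check the locally installed package.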

Workaround
=========
None.

Description
===========
- CVE-2021-37981 (arbitrary code execution)

A heap buffer overflow security issue has been found in the Skia
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37982 (arbitrary code execution)

A use after free security issue has been found in the Incognito
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37984 (arbitrary code execution)

A heap buffer overflow security issue has been found in the PDFium
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37985 (arbitrary code execution)

A use after free security issue has been found in the V8 component of
the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37986 (arbitrary code execution)

A heap buffer overflow security issue has been found in the Settings
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37987 (arbitrary code execution)

A use after free security issue has been found in the Network APIs
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37988 (arbitrary code execution)

A use after free security issue has been found in the Profiles
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37989 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
Blink component of the Chromium browser engine before version
95.0.4638.54.

- CVE-2021-37990 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
WebView component of the Chromium browser engine before version
95.0.4638.54.

- CVE-2021-37991 (arbitrary code execution)

A race security issue has been found in the V8 component of the
Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37992 (information disclosure)

An out of bounds read security issue has been found in the WebAudio
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37993 (arbitrary code execution)

A use after free security issue has been found in the PDF Accessibility
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37994 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
iFrame Sandbox component of the Chromium browser engine before version
95.0.4638.54.

- CVE-2021-37995 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
WebApp Installer component of the Chromium browser engine before
version 95.0.4638.54.

- CVE-2021-37996 (insufficient validation)

An insufficient validation of untrusted input security issue has been
found in the Downloads component of the Chromium browser engine before
version 95.0.4638.54.

- CVE-2021-37998 (arbitrary code execution)

A use after free security issue has been found in the Garbage
Collection component of the Chromium browser engine before version
95.0.4638.69.

- CVE-2021-38000 (insufficient validation)

An insufficient validation of untrusted input security issue has been
found in the Intents component of the Chromium browser engine before
version 95.0.4638.69. Google is aware that an exploit for
CVE-2021-38000 exists in the wild.

- CVE-2021-38001 (arbitrary code execution)

A type confusion security issue has been found in the V8 component of
the Chromium browser engine before version 95.0.4638.69.

- CVE-2021-38003 (arbitrary code execution)

An inappropriate implementation security issue has been found in the V8
component of the Chromium browser engine before version 95.0.4638.69.
Google is aware that an exploit for CVE-2021-38003 exists in the wild.

- CVE-2021-38004 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
Autofill component of the Chromium browser engine before version
95.0.4638.69.

- CVE-2021-38005 (arbitrary code execution)

A use after free security issue has been found in the loader component
of the Chromium browser engine before version 96.0.4664.45.

- CVE-2021-38006 (arbitrary code execution)

A use after free security issue has been found in the storage
foundation component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38007 (arbitrary code execution)

A type confusion security issue has been found in the V8 component of
the Chromium browser engine before version 96.0.4664.45.

- CVE-2021-38008 (arbitrary code execution)

A use after free security issue has been found in the media component
of the Chromium browser engine before version 96.0.4664.45.

- CVE-2021-38009 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
cache component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38010 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
service workers component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38011 (arbitrary code execution)

A use after free security issue has been found in the storage
foundation component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38012 (arbitrary code execution)

A type confusion security issue has been found in the V8 component of
the Chromium browser engine before version 96.0.4664.45.

- CVE-2021-38013 (arbitrary code execution)

A heap buffer overflow security issue has been found in the fingerprint
recognition component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38014 (arbitrary code execution)

An out of bounds write security issue has been found in the Swiftshader
component of the Chromium browser engine before version 96.0.4664.45.

- CVE-2021-38015 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
input component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38016 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
background fetch component of the Chromium browser engine before
version 96.0.4664.45.

- CVE-2021-38017 (sandbox escape)

An insufficient policy enforcement security issue has been found in the
iframe sandbox component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38018 (content spoofing)

An inappropriate implementation security issue has been found in the
navigation component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38019 (same-origin policy bypass)

An insufficient policy enforcement security issue has been found in the
CORS component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38020 (information disclosure)

An insufficient policy enforcement security issue has been found in the
contacts picker component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38021 (information disclosure)

An inappropriate implementation security issue has been found in the
referrer component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38022 (denial of service)

An inappropriate implementation security issue has been found in the
WebAuthentication component of the Chromium browser engine before
version 96.0.4664.45.

Impact
======
A remote attacker could execute arbitrary code, disclose sensitive
information, spoof content, bypass security restrictions or crash the
browser through crafted web content. Google is aware that exploits for
two of the security issues exist in the wild.

References
=========
https://vivaldi.com/blog/desktop/update-three-4-3/
https://vivaldi.com/blog/desktop/further-updates-to-theme-sharing-vivaldi-browser-snapshot-2488-3/
https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html
https://bugs.chromium.org/p/chromium/issues/detail
https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html
https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html
https://security.archlinux.org/CVE-2021-37981
https://security.archlinux.org/CVE-2021-37982
https://security.archlinux.org/CVE-2021-37984
https://security.archlinux.org/CVE-2021-37985
https://security.archlinux.org/CVE-2021-37986
https://security.archlinux.org/CVE-2021-37987
https://security.archlinux.org/CVE-2021-37988
https://security.archlinux.org/CVE-2021-37989
https://security.archlinux.org/CVE-2021-37990
https://security.archlinux.org/CVE-2021-37991
https://security.archlinux.org/CVE-2021-37992
https://security.archlinux.org/CVE-2021-37993
https://security.archlinux.org/CVE-2021-37994
https://security.archlinux.org/CVE-2021-37995
https://security.archlinux.org/CVE-2021-37996
https://security.archlinux.org/CVE-2021-37998
https://security.archlinux.org/CVE-2021-38000
https://security.archlinux.org/CVE-2021-38001
https://security.archlinux.org/CVE-2021-38003
https://security.archlinux.org/CVE-2021-38004
https://security.archlinux.org/CVE-2021-38005
https://security.archlinux.org/CVE-2021-38006
https://security.archlinux.org/CVE-2021-38007
https://security.archlinux.org/CVE-2021-38008
https://security.archlinux.org/CVE-2021-38009
https://security.archlinux.org/CVE-2021-38010
https://security.archlinux.org/CVE-2021-38011
https://security.archlinux.org/CVE-2021-38012
https://security.archlinux.org/CVE-2021-38013
https://security.archlinux.org/CVE-2021-38014
https://security.archlinux.org/CVE-2021-38015
https://security.archlinux.org/CVE-2021-38016
https://security.archlinux.org/CVE-2021-38017
https://security.archlinux.org/CVE-2021-38018
https://security.archlinux.org/CVE-2021-38019
https://security.archlinux.org/CVE-2021-38020
https://security.archlinux.org/CVE-2021-38021
https://security.archlinux.org/CVE-2021-38022

ArchLinux: 202112-1: vivaldi: multiple issues

December 6, 2021
