Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 39: Security Advisory FEDORA-2024-37f95ce86b for Chromium

fedora
Calendar Grey September 18, 2024
Dist Fedora Esm H88
Urgent patches rolled out for Fedora 39 Chromium version, tackling numerous serious vulnerabilities.
update to 128.0.6613.137 * High CVE-2024-8636: Heap buffer overflow in Skia * High CVE-2024-8637: Use after free in Media Router * High CVE-2024-8638: Type Confusion in V8 * Hi...

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

update to 128.0.6613.137 * High CVE-2024-8636: Heap buffer overflow in Skia * High CVE-2024-8637: Use after free in Media Router * High CVE-2024-8638: Type Confusion in V8 * High CVE-2024-8639: Use after free in Autofill

Topics%20covered

Topics Covered

security advisory fedora heap overflow chromium type confusion media router

Change Log

* Wed Sep 11 2024 Than Ngo - 128.0.6613.137-1 - update to 128.0.6613.137 * High CVE-2024-8636: Heap buffer overflow in Skia * High CVE-2024-8637: Use after free in Media Router * High CVE-2024-8638: Type Confusion in V8 * High CVE-2024-8639: Use after free in Autofill

References


[ 1 ] Bug #2311182 - CVE-2024-45590 chromium: Denial of Service Vulnerability in body-parser [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2311182 [ 2 ] Bug #2311196 - CVE-2024-45590 chromium: Denial of Service Vulnerability in body-parser [fedora-39] https://bugzilla.redhat.com/show_bug.cgi?id=2311196 [ 3 ] Bug #2311225 - CVE-2024-45590 chromium: Denial of Service Vulnerability in body-parser [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2311225 [ 4 ] Bug #2311373 - CVE-2024-43796 chromium: Improper Input Handling in Express Redirects [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2311373 [ 5 ] Bug #2311378 - CVE-2024-43796 chromium: Improper Input Handling in Express Redirects [fedora-39] https://bugzilla.redhat.com/show_bug.cgi?id=2311378 [ 6 ] Bug #2311393 - CVE-2024-43796 chromium: Improper Input Handling in Express Redirects [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2311...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-37f95ce86b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: chromium
Product: Fedora 39
Version: 128.0.6613.137
Release: 1.fc39
URL: http://www.chromium.org/Home
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use

Topics%20covered

Topics Covered

security advisory fedora heap overflow chromium type confusion media router

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here