Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Mageia: 2022-0130 Critical Update For Chromium Browser - Security Risk

mageia
Calendar Grey April 5, 2022
Dist Mageia Esm H88
Recent updates to the stable chromium-browser packages address critical vulnerabilities related to insecure input processing that could compromise user security.
Use after free in Portals

Summary

Use after free in Portals. (CVE-2022-1125) Use after free in QR Code Generator. (CVE-2022-1127) Inappropriate implementation in Web Share API. (CVE-2022-1128) Inappropriate implementation in Full Screen Mode. (CVE-2022-1129) Insufficient validation of untrusted input in WebOTP. (CVE-2022-1130) Use after free in Cast UI. (CVE-2022-1131) Inappropriate implementation in Virtual Keyboard. (CVE-2022-1132) Use after free in WebRTC. (CVE-2022-1133) Type Confusion in V8. (CVE-2022-1134) Use after free in Shopping Cart. (CVE-2022-1135) Use after free in Tab Strip. (CVE-2022-1136) Inappropriate implementation in Extensions. (CVE-2022-1137) Inappropriate implementation in Web Cursor. (CVE-2022-1138) Inappropriate implementation in Background Fetch API. (CVE-2022-1139) Use after free in File Manager. (CVE-2022-1141) Heap buffer overflow in WebUI. (CVE-2022-1142) Heap buffer overflow in WebUI. (CVE-2022-1143) Use after free in WebUI. (CVE-2022-1144) Use after free in Extensions. (CVE-2022-1145) ...

References

- https://bugs.mageia.org/show_bug.cgi?id=30222

- https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html

- https://www.cve.org/CVERecord?id=CVE-2022-1125

- https://www.cve.org/CVERecord?id=CVE-2022-1127

- https://www.cve.org/CVERecord?id=CVE-2022-1128

- https://www.cve.org/CVERecord?id=CVE-2022-1129

- https://www.cve.org/CVERecord?id=CVE-2022-1130

- https://www.cve.org/CVERecord?id=CVE-2022-1131

- https://www.cve.org/CVERecord?id=CVE-2022-1132

- https://www.cve.org/CVERecord?id=CVE-2022-1133

- https://www.cve.org/CVERecord?id=CVE-2022-1134

- https://www.cve.org/CVERecord?id=CVE-2022-1135

- https://www.cve.org/CVERecord?id=CVE-2022-1136

- https://www.cve.org/CVERecord?id=CVE-2022-1137

- https://www.cve.org/CVERecord?id=CVE-2022-1138

- https://www.cve.org/CVERecord?id=CVE-2022-1139

- https://www.cve.org/CVERecord?id=CVE-2022-1141

- https://www.cve.org/CVERecord?id=CVE-2022-1142

- https://www.cve.org/CVERecord?id=CVE-2022-1143

- https://www.cve.org/CVERecord?id=CVE-2022-1144

- https://www.cve.org/CVERecord?id=CVE-2022-1145

- https://www.cve.org/CVERecord?id=CVE-2022-1146

Topics%20covered

Topics Covered

security advisory update critical browser input handling Chromium Mageia

Resolution

SRPMS

- 8/core/chromium-browser-stable-100.0.4896.60-1.mga8

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 05 Apr 2022
URL: https://advisories.mageia.org/MGASA-2022-0130.html
Type: security
CVE: CVE-2022-1125, CVE-2022-1127, CVE-2022-1128, CVE-2022-1129, CVE-2022-1130, CVE-2022-1131, CVE-2022-1132, CVE-2022-1133, CVE-2022-1134, CVE-2022-1135, CVE-2022-1136, CVE-2022-1137, CVE-2022-1138, CVE-2022-1139, CVE-2022-1141, CVE-2022-1142, CVE-2022-1143, CVE-2022-1144, CVE-2022-1145, CVE-2022-1146

Topics%20covered

Topics Covered

security advisory update critical browser input handling Chromium Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here