Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Mageia 8: 2022-0318 Moderate: Chromium-Browser-Stable Exploit Fix

mageia
Calendar Grey September 4, 2022
Dist Mageia Esm H88
Critical vulnerabilities in the chromium-browser-stable have been patched, enhancing safety and security while browsing on Mageia.
The chromium-browser-stable package has been updated to the new 105 branch with the 105.0.5195.102 version, fixing many bugs and 25 vulnerabilities

Summary

The chromium-browser-stable package has been updated to the new 105 branch with the 105.0.5195.102 version, fixing many bugs and 25 vulnerabilities.
Google is aware of reports that an exploit for CVE-2022-3075 exists in the wild. Some of the addressed CVE are listed below:
High CVE-2022-3075: Insufficient data validation in Mojo. Reported by Anonymous on 2022-08-30
Critical CVE-2022-3038: Use after free in Network Service. Reported by Sergei Glazunov of Google Project Zero on 2022-06-28
High CVE-2022-3039: Use after free in WebSQL. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-07-11
High CVE-2022-3040: Use after free in Layout. Reported by Anonymous on 2022-07-03
High CVE-2022-3041: Use after free in WebSQL. Reported by Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute on 2022-07-20
High CVE-2022-3042: Use after free in PhoneHub. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerabilit...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=30802

- https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html

- https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html

- https://blog.chromium.org/2022/08/chrome-105-beta-custom-highlighting.html

- https://www.cve.org/CVERecord?id=CVE-2022-3038

- https://www.cve.org/CVERecord?id=CVE-2022-3039

- https://www.cve.org/CVERecord?id=CVE-2022-3040

- https://www.cve.org/CVERecord?id=CVE-2022-3041

- https://www.cve.org/CVERecord?id=CVE-2022-3042

- https://www.cve.org/CVERecord?id=CVE-2022-3043

- https://www.cve.org/CVERecord?id=CVE-2022-3044

- https://www.cve.org/CVERecord?id=CVE-2022-3045

- https://www.cve.org/CVERecord?id=CVE-2022-3046

- https://www.cve.org/CVERecord?id=CVE-2022-3047

- https://www.cve.org/CVERecord?id=CVE-2022-3048

- https://www.cve.org/CVERecord?id=CVE-2022-3049

- https://www.cve.org/CVERecord?id=CVE-2022-3050

- https://www.cve.org/CVERecord?id=CVE-2022-3051

- https://www.cve.org/CVERecord?id=CVE-2022-3052

- https://www.cve.org/CVERecord?id=CVE-2022-3053

- https://www.cve.org/CVERecord?id=CVE-2022-3054

- https://www.cve.org/CVERecord?id=CVE-2022-3055

- https://www.cve.org/CVERecord?id=CVE-2022-3056

- https://www.cve.org/CVERecord?id=CVE-2022-3057

- https://www.cve.org/CVERecord?id=CVE-2022-3058

- https://www.cve.org/CVERecord?id=CVE-2022-3071

- https://www.cve.org/CVERecord?id=CVE-2022-3075

Topics%20covered

Topics Covered

security advisory buffer overflow bug fix exploit network service browser update mageia

Resolution

SRPMS

- 8/core/chromium-browser-stable-105.0.5195.102-1.mga8

Publication date: 04 Sep 2022
URL: https://advisories.mageia.org/MGASA-2022-0318.html
Type: security
CVE: CVE-2022-3038, CVE-2022-3039, CVE-2022-3040, CVE-2022-3041, CVE-2022-3042, CVE-2022-3043, CVE-2022-3044, CVE-2022-3045, CVE-2022-3046, CVE-2022-3047, CVE-2022-3048, CVE-2022-3049, CVE-2022-3050, CVE-2022-3051, CVE-2022-3052, CVE-2022-3053, CVE-2022-3054, CVE-2022-3055, CVE-2022-3056, CVE-2022-3057, CVE-2022-3058, CVE-2022-3071, CVE-2022-3075

Topics%20covered

Topics Covered

security advisory buffer overflow bug fix exploit network service browser update mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here