Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Mageia 9: MGASA-2024-0017 Fixes Critical Security Flaws in chromium-browser

mageia
Calendar Grey January 25, 2024
Dist Mageia Esm H88
Recent updates for the chromium-browser-stable rectify various security vulnerabilities in Mageia 9. Find out the details here.
The chromium-browser-stable package has been updated to the 120.0.6099.224 release

Summary

The chromium-browser-stable package has been updated to the 120.0.6099.224 release. 4 vulnerabilities are fixed; some of them are listed below: High CVE-2024-0517: Out of bounds write in V8. Reported by Toan (suto) Pham of Qrious Secure on 2024-01-06. High CVE-2024-0518: Type Confusion in V8. Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team on 2023-12-03. High CVE-2024-0519: Out of bounds memory access in V8. Reported by Anonymous on 2024-01-11. Google is aware of reports that an exploit for CVE-2024-0519 exists in the wild.

References

- https://bugs.mageia.org/show_bug.cgi?id=32725

- https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.html

- https://www.cve.org/CVERecord?id=CVE-2024-0517

- https://www.cve.org/CVERecord?id=CVE-2024-0518

- https://www.cve.org/CVERecord?id=CVE-2024-0519

Resolution

SRPMS

- 9/tainted/chromium-browser-stable-120.0.6099.224-1.mga9.tainted

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 25 Jan 2024
URL: https://advisories.mageia.org/MGASA-2024-0017.html
Type: security
CVE: CVE-2024-0517, CVE-2024-0518, CVE-2024-0519

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here