Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Mageia: 2024-0150 Critical: Chromium Browser Security Fixes

mageia
Calendar Grey April 27, 2024
Dist Mageia Esm H88
The latest stable release of Chromium features 23 crucial patches addressing multiple security vulnerabilities that impact Mageia users operating on x86_64 architecture.
The chromium-browser-stable package has been updated to the 124.0.6367.60 release

Summary

The chromium-browser-stable package has been updated to the 124.0.6367.60 release. It includes 23 security fixes. Please, do note, only x86_64 is supported from now on. i586 support for linux was stopped some years ago and the community is not able to provide patches anymore for the latest Chromium code. Some of the security fixes are: * High CVE-2024-3832: Object corruption in V8. Reported by Man Yue Mo of GitHub Security Lab on 2024-03-27 * High CVE-2024-3833: Object corruption in WebAssembly. Reported by Man Yue Mo of GitHub Security Lab on 2024-03-27 * High CVE-2024-3914: Use after free in V8. Reported by Seunghyun Lee (@0x10n) of KAIST Hacking Lab, via Pwn2Own 2024 on 2024-03-21 * High CVE-2024-3834: Use after free in Downloads. Reported by ChaobinZhang on 2024-02-24 * Medium CVE-2024-3837: Use after free in QUIC. Reported by {rotiple, dch3ck} of CW Research Inc. on 2024-01-15 * Medium CVE-2024-3838: Inappropriate implementation in Autofill. Reported by KiriminAja on 2024-03-06...

References

- https://bugs.mageia.org/show_bug.cgi?id=33137

- https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html

- https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_10.html

- https://www.cve.org/CVERecord?id=CVE-2024-3832

- https://www.cve.org/CVERecord?id=CVE-2024-3833

- https://www.cve.org/CVERecord?id=CVE-2024-3914

- https://www.cve.org/CVERecord?id=CVE-2024-3834

- https://www.cve.org/CVERecord?id=CVE-2024-3837

- https://www.cve.org/CVERecord?id=CVE-2024-3838

- https://www.cve.org/CVERecord?id=CVE-2024-3839

- https://www.cve.org/CVERecord?id=CVE-2024-3840

- https://www.cve.org/CVERecord?id=CVE-2024-3841

- https://www.cve.org/CVERecord?id=CVE-2024-3843

- https://www.cve.org/CVERecord?id=CVE-2024-3844

- https://www.cve.org/CVERecord?id=CVE-2024-3845

- https://www.cve.org/CVERecord?id=CVE-2024-3846

- https://www.cve.org/CVERecord?id=CVE-2024-3847

- https://www.cve.org/CVERecord?id=CVE-2024-3157

- https://www.cve.org/CVERecord?id=CVE-2024-3516

- https://www.cve.org/CVERecord?id=CVE-2024-3515

Topics%20covered

Topics Covered

security advisory critical fix x86_64 chromium Mageia

Resolution

SRPMS

- 9/tainted/chromium-browser-stable-124.0.6367.60-1.mga9.tainted

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 27 Apr 2024
URL: https://advisories.mageia.org/MGASA-2024-0150.html
Type: security
CVE: CVE-2024-3832, CVE-2024-3833, CVE-2024-3914, CVE-2024-3834, CVE-2024-3837, CVE-2024-3838, CVE-2024-3839, CVE-2024-3840, CVE-2024-3841, CVE-2024-3843, CVE-2024-3844, CVE-2024-3845, CVE-2024-3846, CVE-2024-3847, CVE-2024-3157, CVE-2024-3516, CVE-2024-3515

Topics%20covered

Topics Covered

security advisory critical fix x86_64 chromium Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here