Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Mageia 9: 2024-0161 High Severity: Chromium Use After Free Issues

mageia
Calendar Grey May 9, 2024
Dist Mageia Esm H88
Recent updates to the chromium-browser-stable packages tackle significant vulnerabilities found in Mageia 9, offering essential corrections and improvements.
The chromium-browser-stable package has been updated to the 124.0.6367.128 release

Summary

The chromium-browser-stable package has been updated to the 124.0.6367.128 release. It includes 2 security fixes. Please, do note, only x86_64 is supported from now on. i586 support for linux was stopped some years ago and the community is not able to provide patches anymore for the latest Chromium code. Some of the security fixes are: * High CVE-2024-4331: Use after free in Picture In Picture. Reported by Zhenghang Xiao (@Kipreyyy) on 2024-04-16 * High CVE-2024-4368: Use after free in Dawn. Reported by wgslfuzz on 2024-04-09

References

- https://bugs.mageia.org/show_bug.cgi?id=33151

- https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_30.html

- https://www.cve.org/CVERecord?id=CVE-2024-4331

- https://www.cve.org/CVERecord?id=CVE-2024-4368

Topics%20covered

Topics Covered

security advisory high severity security fix web browser x86_64 Chromium Mageia

Resolution

SRPMS

- 9/tainted/chromium-browser-stable-124.0.6367.118-1.mga9.tainted

Publication date: 09 May 2024
URL: https://advisories.mageia.org/MGASA-2024-0161.html
Type: security
CVE: CVE-2024-4331, CVE-2024-4368

Topics%20covered

Topics Covered

security advisory high severity security fix web browser x86_64 Chromium Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here