Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Mageia 9: MGASA-2024-0205 High: Chromium-Browser-Stable Heap Overflow

mageia
Calendar Grey June 3, 2024
Dist Mageia Esm H88
MGASA-2024-0206 announces updates for firefox-stable that address various critical vulnerabilities, enhancing overall protection.
The chromium-browser-stable package has been updated to the 125.0.6422.141 release

Summary

The chromium-browser-stable package has been updated to the 125.0.6422.141 release. It includes 11 security fixes. Some of them are: * High CVE-2024-5493: Heap buffer overflow in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2024-05-11 * High CVE-2024-5494: Use after free in Dawn. Reported by wgslfuzz on 2024-05-01 * High CVE-2024-5495: Use after free in Dawn. Reported by wgslfuzz on 2024-05-01 * High CVE-2024-5496: Use after free in Media Session. Reported by Cassidy Kim(@cassidy6564) on 2024-05-06 * High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab on 2024-05-07 * High CVE-2024-5498: Use after free in Presentation API. Reported by anymous on 2024-05-09 * High CVE-2024-5499: Out of bounds write in Streams API. Reported by anonymous on 2024-05-11 Please, do note, only x86_64 is supported since some versions ago. i586 support for linux was stopped some years ago and the community is not able to provide p...

References

- https://bugs.mageia.org/show_bug.cgi?id=33261

- https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html

- https://www.cve.org/CVERecord?id=CVE-2024-5493

- https://www.cve.org/CVERecord?id=CVE-2024-5494

- https://www.cve.org/CVERecord?id=CVE-2024-5495

- https://www.cve.org/CVERecord?id=CVE-2024-5496

- https://www.cve.org/CVERecord?id=CVE-2024-5497

- https://www.cve.org/CVERecord?id=CVE-2024-5498

- https://www.cve.org/CVERecord?id=CVE-2024-5499

Resolution

SRPMS

- 9/tainted/chromium-browser-stable-125.0.6422.141-1.mga9.tainted

Publication date: 03 Jun 2024
URL: https://advisories.mageia.org/MGASA-2024-0205.html
Type: security
CVE: CVE-2024-5493, CVE-2024-5494, CVE-2024-5495, CVE-2024-5496, CVE-2024-5497, CVE-2024-5498, CVE-2024-5499

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here