Mageia 9: MGASA-2024-0321 critical: chromium-browser security fixes
mageia
October 4, 2024
Use after free in Downloads
Summary
Use after free in Downloads. (CVE-2024-6988) Use after free in Loader. (CVE-2024-6989) Use after free in Dawn. (CVE-2024-6991) Heap buffer overflow in Layout. (CVE-2024-6994) Inappropriate implementation in Fullscreen. (CVE-2024-6995) Race in Frames. (CVE-2024-6996) Use after free in Tabs. (CVE-2024-6997) Use after free in User Education. (CVE-2024-6998) Inappropriate implementation in FedCM. (CVE-2024-6999) Use after free in CSS. (CVE-2024-7000) Inappropriate implementation in HTML. (CVE-2024-7001) Inappropriate implementation in FedCM. (CVE-2024-7003) Insufficient validation of untrusted input in Safe Browsing. (CVE-2024-7004) Insufficient validation of untrusted input in Safe Browsing. (CVE-2024-7005) Uninitialized Use in Dawn. (CVE-2024-6990) Out of bounds read in WebTransport. (CVE-2024-7255) Insufficient data validation in Dawn. (CVE-2024-7256) Out of bounds memory access in ANGLE. (CVE-2024-7532) Use after free in Sharing. (CVE-2024-7533) Type Confusion in V8. (CVE-2024-7550)...
References
- https://bugs.mageia.org/show_bug.cgi?id=33443
- https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html
- https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html
- https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_10.html
- https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop.html
- https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html
- https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html
- https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_13.html
- https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html
- https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_30.html
- https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html
- https://www.cve.org/CVERecord?id=CVE-2024-6988
- https://www.cve.org/CVERecord?id=CVE-2024-6989
- https://www.cve.org/CVERecord?id=CVE-2024-6991
- https://www.cve.org/CVERecord?id=CVE-2024-6994
- https://www.cve.org/CVERecord?id=CVE-2024-6995
- https://www.cve.org/CVERecord?id=CVE-2024-6996
- https://www.cve.org/CVERecord?id=CVE-2024-6997
- https://www.cve.org/CVERecord?id=CVE-2024-6998
- https://www.cve.org/CVERecord?id=CVE-2024-6999
- https://www.cve.org/CVERecord?id=CVE-2024-7000
- https://www.cve.org/CVERecord?id=CVE-2024-7001
- https://www.cve.org/CVERecord?id=CVE-2024-7003
- https://www.cve.org/CVERecord?id=CVE-2024-7004
- https://www.cve.org/CVERecord?id=CVE-2024-7005
Resolution
SRPMS
- 9/tainted/chromium-browser-stable-128.0.6613.137-1.mga9.tainted
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
Publication date: 04 Oct 2024
URL: https://advisories.mageia.org/MGASA-2024-0321.html
Type: security
CVE: CVE-2024-6988, CVE-2024-6989, CVE-2024-6991, CVE-2024-6994, CVE-2024-6995, CVE-2024-6996, CVE-2024-6997, CVE-2024-6998, CVE-2024-6999, CVE-2024-7000, CVE-2024-7001, CVE-2024-7003, CVE-2024-7004, CVE-2024-7005
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!