openSUSE 15 SP4: 2022:10005-1 Important: Chromium Buffer Overflow
opensuse
June 15, 2022
An update that fixes 24 vulnerabilities is now available
Description
This update for chromium fixes the following issues:
Chromium 102.0.5001.61 (boo#1199893)
* CVE-2022-1853: Use after free in Indexed DB
* CVE-2022-1854: Use after free in ANGLE
* CVE-2022-1855: Use after free in Messaging
* CVE-2022-1856: Use after free in User Education
* CVE-2022-1857: Insufficient policy enforcement in File System API
* CVE-2022-1858: Out of bounds read in DevTools
* CVE-2022-1859: Use after free in Performance Manager
* CVE-2022-1860: Use after free in UI Foundations
* CVE-2022-1861: Use after free in Sharing
* CVE-2022-1862: Inappropriate implementation in Extensions
* CVE-2022-1863: Use after free in Tab Groups
* CVE-2022-1864: Use after free in WebApp Installs
* CVE-2022-1865: Use after free in Bookmarks
* CVE-2022-1866: Use after free in Tablet Mode
* CVE-2022-1867: Insufficient validation of untrusted input in Data
Transfer
* CVE-2022-1868: Inappropriate implementation in Extensions API
*...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10005=1
Package List
- openSUSE Backports SLE-15-SP4 (aarch64 x86_64):
chromedriver-102.0.5005.61-bp154.2.5.3
chromedriver-debuginfo-102.0.5005.61-bp154.2.5.3
chromium-102.0.5005.61-bp154.2.5.3
chromium-debuginfo-102.0.5005.61-bp154.2.5.3
References
https://www.suse.com/security/cve/CVE-2022-1853.html
https://www.suse.com/security/cve/CVE-2022-1854.html
https://www.suse.com/security/cve/CVE-2022-1855.html
https://www.suse.com/security/cve/CVE-2022-1856.html
https://www.suse.com/security/cve/CVE-2022-1857.html
https://www.suse.com/security/cve/CVE-2022-1858.html
https://www.suse.com/security/cve/CVE-2022-1859.html
https://www.suse.com/security/cve/CVE-2022-1860.html
https://www.suse.com/security/cve/CVE-2022-1861.html
https://www.suse.com/security/cve/CVE-2022-1862.html
https://www.suse.com/security/cve/CVE-2022-1863.html
https://www.suse.com/security/cve/CVE-2022-1864.html
https://www.suse.com/security/cve/CVE-2022-1865.html
https://www.suse.com/security/cve/CVE-2022-1866.html
https://www.suse.com/security/cve/CVE-2022-1867.html
https://www.suse.com/security/cve/CVE-2022-1868.html
https://www.suse.com/security/cve/CVE-2022-1869.html
https://www.suse.com/security/cve/CVE-2022-1870.html
https://www.suse.com/security/cve/CVE-2022-1871.html
https://www....
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2022:10005-1
Rating: important
Affected Products:
openSUSE Backports SLE-15-SP4
.
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!