openSUSE 15-SP3: 2022:10009-1 Critical: Chromium Issues Fixed
opensuse
June 15, 2022
An update that fixes 28 vulnerabilities is now available
Description
This update for chromium fixes the following issues:
Chromium 102.0.5005.115 (boo#1200423)
* CVE-2022-2007: Use after free in WebGPU
* CVE-2022-2008: Out of bounds memory access in WebGL
* CVE-2022-2010: Out of bounds read in compositing
* CVE-2022-2011: Use after free in ANGLE
Chromium 102.0.5001.61 (boo#1199893)
* CVE-2022-1853: Use after free in Indexed DB
* CVE-2022-1854: Use after free in ANGLE
* CVE-2022-1855: Use after free in Messaging
* CVE-2022-1856: Use after free in User Education
* CVE-2022-1857: Insufficient policy enforcement in File System API
* CVE-2022-1858: Out of bounds read in DevTools
* CVE-2022-1859: Use after free in Performance Manager
* CVE-2022-1860: Use after free in UI Foundations
* CVE-2022-1861: Use after free in Sharing
* CVE-2022-1862: Inappropriate implementation in Extensions
* CVE-2022-1863: Use after free in Tab Groups
* CVE-2022-1864: Use after free in WebApp Installs
*...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10009=1
Package List
- openSUSE Backports SLE-15-SP3 (aarch64 x86_64):
chromedriver-102.0.5005.115-bp153.2.101.1
chromedriver-debuginfo-102.0.5005.115-bp153.2.101.1
chromium-102.0.5005.115-bp153.2.101.1
chromium-debuginfo-102.0.5005.115-bp153.2.101.1
References
https://www.suse.com/security/cve/CVE-2022-1853.html
https://www.suse.com/security/cve/CVE-2022-1854.html
https://www.suse.com/security/cve/CVE-2022-1855.html
https://www.suse.com/security/cve/CVE-2022-1856.html
https://www.suse.com/security/cve/CVE-2022-1857.html
https://www.suse.com/security/cve/CVE-2022-1858.html
https://www.suse.com/security/cve/CVE-2022-1859.html
https://www.suse.com/security/cve/CVE-2022-1860.html
https://www.suse.com/security/cve/CVE-2022-1861.html
https://www.suse.com/security/cve/CVE-2022-1862.html
https://www.suse.com/security/cve/CVE-2022-1863.html
https://www.suse.com/security/cve/CVE-2022-1864.html
https://www.suse.com/security/cve/CVE-2022-1865.html
https://www.suse.com/security/cve/CVE-2022-1866.html
https://www.suse.com/security/cve/CVE-2022-1867.html
https://www.suse.com/security/cve/CVE-2022-1868.html
https://www.suse.com/security/cve/CVE-2022-1869.html
https://www.suse.com/security/cve/CVE-2022-1870.html
https://www.suse.com/security/cve/CVE-2022-1871.html
https://www....
Read the Full Advisory
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2022:10009-1
Rating: critical
Affected Products: openSUSE Backports SLE-15-SP3 .
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!