Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 754
Alerts This Week
Warning Icon 1 754

openSUSE 2023:0131-1 Critical: Chromium Use After Free Issues

opensuse
Calendar Grey June 16, 2023
Dist Opensuse Esm H88
Fedora addresses key security flaws in firefox, enhancing overall system protection through its most recent patch.
An update that fixes four vulnerabilities is now available

Description

This update for chromium fixes the following issues:

Chromium 114.0.5735.133 (boo#1212302):

- CVE-2023-3214: Use after free in Autofill payments

- CVE-2023-3215: Use after free in WebRTC

- CVE-2023-3216: Type Confusion in V8

- CVE-2023-3217: Use after free in WebXR

- Various fixes from internal audits, fuzzing and other initiatives

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP5:

zypper in -t patch openSUSE-2023-131=1

Package List

- openSUSE Backports SLE-15-SP5 (aarch64 x86_64):

chromedriver-114.0.5735.133-bp155.2.7.1

chromium-114.0.5735.133-bp155.2.7.1

References

https://www.suse.com/security/cve/CVE-2023-3214.html

https://www.suse.com/security/cve/CVE-2023-3215.html

https://www.suse.com/security/cve/CVE-2023-3216.html

https://www.suse.com/security/cve/CVE-2023-3217.html

https://bugzilla.suse.com/1212302

Severity
critical
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2023:0131-1
Rating: critical
Affected Products: openSUSE Backports SLE-15-SP5 .

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.