21 Severe Chromium Vulns Fixed - Update Now!
Twenty-one severe vulnerabilities have been found in Chromium, including multiple use after frees and heap buffer overflows, among other security issues. These bugs have received a National Vulnerability Database severity rating of “High” due to their ease of exploitation and their significant threat to impacted systems' confidentiality, integrity, and availability.
These vulnerabilities have enabled remote attackers to exploit heap corruption and perform arbitrary read/write via a crafted HTML page. They also allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension.
Important updates have been released for Chromium that fix these severe issues. We urge all impacted users to apply the updates released by Debian, Fedora and openSUSE now to protect against attacks leading to downtime and compromise.
To stay on top of essential updates released by the open-source programs and applications you use, register as a LinuxSecurity user, subscribe to our Linux Advisory Watch newsletter, and customize your advisories for your distro(s). This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems.
Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s).