ALT-BU-2025-8879-1
Branch p11 update bulletin.
Closed vulnerabilities
BDU:2025-06282
Уязвимость обработчика JavaScript-сценариев V8 браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2025-06283
Уязвимость технологии BFCache (Back-Forward Cache) браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
BDU:2025-06284
Уязвимость библиотеки libvpx браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2025-06341
Уязвимость обработчика JavaScript-сценариев V8 браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2025-06391
Уязвимость модуля отображения Blink браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2025-06461
Уязвимость элемента управления вкладками «Tab Strip» браузера Google Chrome, позволяющая нарушителю подменить пользовательский интерфейс
BDU:2025-06462
Уязвимость программного интерфейса FileSystemAccess API браузера Google Chrome, позволяющая нарушителю проводить спуфинг-атаки
BDU:2025-06463
Уязвимость службы обмена сообщениями Messages браузера Google Chrome операционных систем Android, позволяющая нарушителю проводить спуфинг-атаки
BDU:2025-06464
Уязвимость компонента Compositing браузера Google Chrome, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2025-06582
Уязвимость программного интерфейса Background Fetch API браузера Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию с помощью специально созданной HTML-страницы
BDU:2025-07023
Уязвимость инструмента для оптимизации производительности веб-сайта Profiler браузера Google Chrome, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2025-07024
Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2025-07069
Уязвимость компонента Media браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
BDU:2025-07100
Уязвимость компонента V8 браузера Google Chrome, позволяющая нарушителю выполнить произвольный код
Modified: 2025-07-02
CVE-2025-5063
Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Modified: 2025-05-29
CVE-2025-5064
Inappropriate implementation in Background Fetch API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
Modified: 2025-05-29
CVE-2025-5065
Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Modified: 2025-05-29
CVE-2025-5066
Inappropriate implementation in Messages in Google Chrome on Android prior to 137.0.7151.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Modified: 2025-05-29
CVE-2025-5067
Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
Modified: 2025-08-28
CVE-2025-5068
Use after free in Blink in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Modified: 2025-05-29
CVE-2025-5280
Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Modified: 2025-05-29
CVE-2025-5281
Inappropriate implementation in BFCache in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially obtain user information via a crafted HTML page. (Chromium security severity: Medium)
Modified: 2025-05-31
CVE-2025-5283
Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Modified: 2025-06-23
CVE-2025-5419
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Modified: 2025-06-16
CVE-2025-5958
Use after free in Media in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Modified: 2025-06-16
CVE-2025-5959
Type Confusion in V8 in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Modified: 2025-07-03
CVE-2025-6191
Integer overflow in V8 in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Modified: 2025-07-03
CVE-2025-6192
Use after free in Metrics in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Closed vulnerabilities
Modified: 2025-07-25
CVE-2025-32462
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
- https://access.redhat.com/security/cve/cve-2025-32462
- https://bugs.gentoo.org/show_bug.cgi?id=CVE-2025-32462
- https://explore.alas.aws.amazon.com/CVE-2025-32462.html
- https://lists.debian.org/debian-security-announce/2025/msg00118.html
- https://security-tracker.debian.org/tracker/CVE-2025-32462
- https://ubuntu.com/security/notices/USN-7604-1
- https://www.openwall.com/lists/oss-security/2025/06/30/2
- https://www.secpod.com/blog/sudo-lpe-vulnerabilities-resolved-what-you-need-to-know-about-cve-2025-32462-and-cve-2025-32463/
- https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host
- https://www.sudo.ws/releases/changelog/
- https://www.sudo.ws/security/advisories/
- https://www.sudo.ws/security/advisories/host_any/
- https://www.suse.com/security/cve/CVE-2025-32462.html
Modified: 2025-07-22
CVE-2025-32463
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
- https://access.redhat.com/security/cve/cve-2025-32463
- https://bugs.gentoo.org/show_bug.cgi?id=CVE-2025-32463
- https://explore.alas.aws.amazon.com/CVE-2025-32463.html
- https://security-tracker.debian.org/tracker/CVE-2025-32463
- https://ubuntu.com/security/notices/USN-7604-1
- https://www.openwall.com/lists/oss-security/2025/06/30/3
- https://www.secpod.com/blog/sudo-lpe-vulnerabilities-resolved-what-you-need-to-know-about-cve-2025-32462-and-cve-2025-32463/
- https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot
- https://www.sudo.ws/releases/changelog/
- https://www.sudo.ws/security/advisories/
- https://www.sudo.ws/security/advisories/chroot_bug/
- https://www.suse.com/security/cve/CVE-2025-32463.html
- https://www.suse.com/support/update/announcement/2025/suse-su-202502177-1/
- https://www.vicarius.io/vsociety/posts/cve-2025-32463-detect-sudo-vulnerability
- https://www.vicarius.io/vsociety/posts/cve-2025-32463-mitigate-sudo-vulnerability
- https://iototsecnews.jp/2025/07/01/linux-sudo-chroot-vulnerability-enables-hackers-to-elevate-privileges-to-root/
Closed bugs
Closed vulnerabilities
Modified: 2025-06-04
CVE-2025-48174
In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream->offset+size.
- https://github.com/AOMediaCodec/libavif/commit/50a743062938a3828581d725facc9c2b92a1d109
- https://github.com/AOMediaCodec/libavif/commit/c9f1bea437f21cb78f9919c332922a3b0ba65e11
- https://github.com/AOMediaCodec/libavif/commit/e5fdefe7d1776e6c4cf1703c163a8c0535599029
- https://github.com/AOMediaCodec/libavif/pull/2768
Modified: 2025-06-27
CVE-2025-48175
In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes.