ALT Linux Team

Package chromium update in sisyphus on 2022-02-16

ALT-PU-2022-1310-1

Package chromium updated to version 98.0.4758.102-alt1 for branch sisyphus in task 295480.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00946

Уязвимость компонента GPU браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

Severity: HIGH (8.8) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2022-02-16

BDU:2022-00947

Уязвимость набора библиотек времени выполнения Mojo браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

Severity: HIGH (8.8) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2022-02-16

BDU:2022-00955

Уязвимость компонента Gamepad API браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность и доступность защищаемой информации

Severity: HIGH (8.1) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
References:
Published: 2022-02-16

BDU:2022-00966

Уязвимость компонента Tab Groups браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

Severity: HIGH (8.8) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2022-02-16

BDU:2022-00967

Уязвимость компонента File Manager браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

Severity: HIGH (8.8) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2022-02-16

BDU:2022-00968

Уязвимость компонента Webstore API браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

Severity: HIGH (8.8) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2022-02-16

BDU:2022-00969

Уязвимость библиотеки ANGLE браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

Severity: HIGH (8.8) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2022-04-05
Modified: 2024-11-21

CVE-2022-0603

Use after free in File Manager in Google Chrome on Chrome OS prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2022-04-05
Modified: 2024-11-21

CVE-2022-0604

Heap buffer overflow in Tab Groups in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2022-04-05
Modified: 2024-11-21

CVE-2022-0605

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2022-04-05
Modified: 2024-11-21

CVE-2022-0606

Use after free in ANGLE in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2022-04-05
Modified: 2024-11-21

CVE-2022-0607

Use after free in GPU in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2022-04-05
Modified: 2024-11-21

CVE-2022-0608

Integer overflow in Mojo in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2022-04-05
Modified: 2025-02-05

CVE-2022-0609

Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2022-04-05
Modified: 2024-11-21

CVE-2022-0610

Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:

Closed bugs

Bug #41964

Запрос на обновление до версии 98.0.4758.102 в связи c несколькими CVE

VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top