All errata/sisyphus/ALT-PU-2022-1310-2
ALT-PU-2022-1310-2

Package update chromium in branch sisyphus

Version98.0.4758.102-alt1
Task#295480
Published2026-02-04
Max severityHIGH
Severity:

Closed issues (16)

BDU:2022-00946
HIGH8.8

Уязвимость компонента GPU браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

Published: 2022-02-25Modified: 2024-04-03
CVSS 3.xHIGH 8.8
CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
References
BDU:2022-00947
HIGH8.8

Уязвимость набора библиотек времени выполнения Mojo браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

Published: 2022-02-25Modified: 2024-04-03
CVSS 3.xHIGH 8.8
CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
References
BDU:2022-00955
HIGH8.1

Уязвимость компонента Gamepad API браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность и доступность защищаемой информации

Published: 2022-02-25Modified: 2024-04-03
CVSS 3.xHIGH 8.1
CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVSS 2.0CRITICAL 9.4
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:N/A:C
References
BDU:2022-00966
HIGH8.8

Уязвимость компонента Tab Groups браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

Published: 2022-02-25Modified: 2024-04-03
CVSS 3.xHIGH 8.8
CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
References
BDU:2022-00967
HIGH8.8

Уязвимость компонента File Manager браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

Published: 2022-02-25Modified: 2024-04-03
CVSS 3.xHIGH 8.8
CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
References
BDU:2022-00968
HIGH8.8

Уязвимость компонента Webstore API браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

Published: 2022-02-25Modified: 2024-04-03
CVSS 3.xHIGH 8.8
CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
References
BDU:2022-00969
HIGH8.8

Уязвимость библиотеки ANGLE браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

Published: 2022-02-25Modified: 2024-04-03
CVSS 3.xHIGH 8.8
CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
References
CVE-2022-0603
HIGH8.8

Use after free in File Manager in Google Chrome on Chrome OS prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2022-04-05Modified: 2024-11-21
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References
CVE-2022-0604
HIGH8.8

Heap buffer overflow in Tab Groups in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.

Published: 2022-04-05Modified: 2024-11-21
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References
CVE-2022-0605
HIGH8.8

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.

Published: 2022-04-05Modified: 2024-11-21
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References
CVE-2022-0606
HIGH8.8

Use after free in ANGLE in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2022-04-05Modified: 2024-11-21
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References
CVE-2022-0607
HIGH8.8

Use after free in GPU in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2022-04-05Modified: 2024-11-21
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References
CVE-2022-0608
HIGH8.8

Integer overflow in Mojo in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2022-04-05Modified: 2024-11-21
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References
CVE-2022-0609
HIGH8.8

Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2022-04-05Modified: 2025-10-24
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References
CVE-2022-0610
HIGH8.8

Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2022-04-05Modified: 2024-11-21
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References

Closed bugs (1)

Bug #41964

Запрос на обновление до версии 98.0.4758.102 в связи c несколькими CVE