Arch Linux Security Advisory ASA-202010-1 ========================================= Severity: Critical Date : 2020-10-10 CVE-ID : CVE-2020-6557 CVE-2020-15967 CVE-2020-15968 CVE-2020-15969 CVE-2020-15970 CVE-2020-15971 CVE-2020-15972 CVE-2020-15973 CVE-2020-15974 CVE-2020-15975 CVE-2020-15976 CVE-2020-15977 CVE-2020-15978 CVE-2020-15979 CVE-2020-15980 CVE-2020-15981 CVE-2020-15982 CVE-2020-15983 CVE-2020-15984 CVE-2020-15985 CVE-2020-15986 CVE-2020-15987 CVE-2020-15988 CVE-2020-15989 CVE-2020-15990 CVE-2020-15991 CVE-2020-15992 Package : chromium Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1238 Summary ======= The package chromium before version 86.0.4240.75-1 is vulnerable to multiple issues including arbitrary code execution, access restriction bypass, information disclosure and insufficient validation. Resolution ========== Upgrade to 86.0.4240.75-1. # pacman -Syu "chromium>=86.0.4240.75-1" The problems have been fixed upstream in version 86.0.4240.75. Workaround ========== None. Description =========== - CVE-2020-6557 (access restriction bypass) An inappropriate implementation security issue has been found in the networking component of the chromium browser before 86.0.4240.75. - CVE-2020-15967 (arbitrary code execution) A use after free security issue has been found in the payments component of the chromium browser before 86.0.4240.75. - CVE-2020-15968 (arbitrary code execution) A use after free security issue has been found in the Blink component of the chromium browser before 86.0.4240.75. - CVE-2020-15969 (arbitrary code execution) A use after free security issue has been found in the WebRTC component of the chromium browser before 86.0.4240.75. - CVE-2020-15970 (arbitrary code execution) A use after free security issue has been found in the NFC component of the chromium browser before 86.0.4240.75. - CVE-2020-15971 (arbitrary code execution) A use after free security issue has been found in the printing component of the chromium browser before 86.0.4240.75. - CVE-2020-15972 (arbitrary code execution) A use after free security issue has been found in the audio component of the chromium browser before 86.0.4240.75. - CVE-2020-15973 (access restriction bypass) An insufficient policy enforcement security issue has been found in the extensions component of the chromium browser before 86.0.4240.75. - CVE-2020-15974 (arbitrary code execution) An integer overflow security issue has been found in the Blink component of the chromium browser before 86.0.4240.75. - CVE-2020-15975 (arbitrary code execution) An integer overflow security issue has been found in the SwiftShader component of the chromium browser before 86.0.4240.75. - CVE-2020-15976 (arbitrary code execution) A use after free security issue has been found in the WebXR component of the chromium browser before 86.0.4240.75. - CVE-2020-15977 (insufficient validation) An insufficient data validation security issue has been found in the dialogs component of the chromium browser before 86.0.4240.75. - CVE-2020-15978 (insufficient validation) An insufficient data validation security issue has been found in the navigation component of the chromium browser before 86.0.4240.75. - CVE-2020-15979 (access restriction bypass) An inappropriate implementation security issue has been found in the V8 component of the chromium browser before 86.0.4240.75. - CVE-2020-15980 (access restriction bypass) An insufficient policy enforcement security issue has been found in the Intents component of the chromium browser before 86.0.4240.75. - CVE-2020-15981 (information disclosure) An out of bounds read security issue has been found in the audio component of the chromium browser before 86.0.4240.75. - CVE-2020-15982 (information disclosure) A side-channel information leakage security issue has been found in the cache component of the chromium browser before 86.0.4240.75. - CVE-2020-15983 (insufficient validation) An insufficient data validation security issue has been found in the webUI component of the chromium browser before 86.0.4240.75. - CVE-2020-15984 (access restriction bypass) An insufficient policy enforcement security issue has been found in the Omnibox component of the chromium browser before 86.0.4240.75. - CVE-2020-15985 (access restriction bypass) An inappropriate implementation security issue has been found in the Blink component of the chromium browser before 86.0.4240.75. - CVE-2020-15986 (arbitrary code execution) An integer overflow security issue has been found in the media component of the chromium browser before 86.0.4240.75. - CVE-2020-15987 (arbitrary code execution) A use after free security issue has been found in the WebRTC component of the chromium browser before 86.0.4240.75. - CVE-2020-15988 (access restriction bypass) An insufficient policy enforcement security issue has been found in the downloads component of the chromium browser before 86.0.4240.75. - CVE-2020-15989 (information disclosure) An uninitialized use security issue has been found in the PDFium component of the chromium browser before 86.0.4240.75. - CVE-2020-15990 (arbitrary code execution) A use after free security issue has been found in the autofill component of the chromium browser before 86.0.4240.75. - CVE-2020-15991 (arbitrary code execution) A use after free security issue has been found in the password manager component of the chromium browser before 86.0.4240.75. - CVE-2020-15992 (access restriction bypass) An insufficient policy enforcement security issue has been found in the networking component of the chromium browser before 86.0.4240.75. Impact ====== A remote attacker can access sensitive information, bypass security measures and execute arbitrary code on the affected host. References ========== https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desk... https://crbug.com/1083278 https://crbug.com/1127322 https://crbug.com/1126424 https://crbug.com/1124659 https://crbug.com/1108299 https://crbug.com/1114062 https://crbug.com/1115901 https://crbug.com/1106890 https://crbug.com/1104103 https://crbug.com/1110800 https://crbug.com/1123522 https://crbug.com/1097724 https://crbug.com/1116280 https://crbug.com/1127319 https://crbug.com/1092453 https://crbug.com/1123023 https://crbug.com/1039882 https://crbug.com/1076786 https://crbug.com/1080395 https://crbug.com/1099276 https://crbug.com/1100247 https://crbug.com/1127774 https://crbug.com/1092518 https://crbug.com/1108351 https://crbug.com/1133671 https://crbug.com/1133688 https://crbug.com/1110195 https://security.archlinux.org/CVE-2020-6557 https://security.archlinux.org/CVE-2020-15967 https://security.archlinux.org/CVE-2020-15968 https://security.archlinux.org/CVE-2020-15969 https://security.archlinux.org/CVE-2020-15970 https://security.archlinux.org/CVE-2020-15971 https://security.archlinux.org/CVE-2020-15972 https://security.archlinux.org/CVE-2020-15973 https://security.archlinux.org/CVE-2020-15974 https://security.archlinux.org/CVE-2020-15975 https://security.archlinux.org/CVE-2020-15976 https://security.archlinux.org/CVE-2020-15977 https://security.archlinux.org/CVE-2020-15978 https://security.archlinux.org/CVE-2020-15979 https://security.archlinux.org/CVE-2020-15980 https://security.archlinux.org/CVE-2020-15981 https://security.archlinux.org/CVE-2020-15982 https://security.archlinux.org/CVE-2020-15983 https://security.archlinux.org/CVE-2020-15984 https://security.archlinux.org/CVE-2020-15985 https://security.archlinux.org/CVE-2020-15986 https://security.archlinux.org/CVE-2020-15987 https://security.archlinux.org/CVE-2020-15988 https://security.archlinux.org/CVE-2020-15989 https://security.archlinux.org/CVE-2020-15990 https://security.archlinux.org/CVE-2020-15991 https://security.archlinux.org/CVE-2020-15992