[ASA-202002-3] chromium: multiple issues
Arch Linux Security Advisory ASA-202002-3
=========================================

Severity: Critical
Date    : 2020-02-06
CVE-ID  : CVE-2019-18197 CVE-2019-19880 CVE-2019-19923 CVE-2019-19925
          CVE-2019-19926 CVE-2020-6381 CVE-2020-6382 CVE-2020-6385
          CVE-2020-6387 CVE-2020-6388 CVE-2020-6389 CVE-2020-6390
          CVE-2020-6391 CVE-2020-6392 CVE-2020-6393 CVE-2020-6394
          CVE-2020-6395 CVE-2020-6396 CVE-2020-6397 CVE-2020-6398
          CVE-2020-6399 CVE-2020-6400 CVE-2020-6401 CVE-2020-6402
          CVE-2020-6403 CVE-2020-6404 CVE-2020-6405 CVE-2020-6406
          CVE-2020-6408 CVE-2020-6409 CVE-2020-6410 CVE-2020-6411
          CVE-2020-6412 CVE-2020-6413 CVE-2020-6414 CVE-2020-6415
          CVE-2020-6416
Package : chromium
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-1092

Summary
=======

The package chromium before version 80.0.3987.87-1 is vulnerable to
multiple issues including arbitrary code execution, access restriction
bypass, information disclosure, insufficient validation and content
spoofing.

Resolution
==========

Upgrade to 80.0.3987.87-1.

# pacman -Syu "chromium>=80.0.3987.87-1"

The problems have been fixed upstream in version 80.0.3987.87.

Workaround
==========

None.

Description
===========

- CVE-2019-18197 (insufficient validation)

Multiple vulnerabilities have been found in the xml component of the
chromium browser before 80.0.3987.8.

- CVE-2019-19880 (insufficient validation)

Multiple vulnerabilities have been found in the SQLite component of the
chromium browser before 80.0.3987.8.

- CVE-2019-19923 (information disclosure)

An out of bounds memory access has been found in the SQLite component of
the chromium browser before 80.0.3987.8.

- CVE-2019-19925 (insufficient validation)

Multiple vulnerabilities have been found in the SQLite component of the
chromium browser before 80.0.3987.8.

- CVE-2019-19926 (insufficient validation)

An inappropriate implementation security issue has been found in the
SQLite component of the chromium browser before 80.0.3987.8.

- CVE-2020-6381 (arbitrary code execution)

An integer overflow security issue has been found in the javascript
component of the chromium browser before 80.0.3987.8.

- CVE-2020-6382 (arbitrary code execution)

A type confusion security issue has been found in the javascript
component of the chromium browser before 80.0.3987.8.

- CVE-2020-6385 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
storage component of the chromium browser before 80.0.3987.8.

- CVE-2020-6387 (arbitrary code execution)

An out of bounds write has been found in the WebRTC component of the
chromium browser before 80.0.3987.8.

- CVE-2020-6388 (information disclosure)

An out of bounds memory access has been found in the WebAudio component
of the chromium browser before 80.0.3987.8.

- CVE-2020-6389 (arbitrary code execution)

An out of bounds write has been found in the WebRTC component of the
chromium browser before 80.0.3987.8.

- CVE-2020-6390 (information disclosure)

An out of bounds memory access has been found in the streams component
of the chromium browser before 80.0.3987.8.

- CVE-2020-6391 (insufficient validation)

An insufficient validation of untrusted input security issue has been
found in the Blink component of the chromium browser before 80.0.3987.8.

- CVE-2020-6392 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
Extensions component of the chromium browser before 80.0.3987.8.

- CVE-2020-6393 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
Blink component of the chromium browser before 80.0.3987.8.

- CVE-2020-6394 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
Blink component of the chromium browser before 80.0.3987.8.

- CVE-2020-6395 (information disclosure)

An out of bounds read has been found in the javascript component of the
chromium browser before 80.0.3987.8.

- CVE-2020-6396 (access restriction bypass)

An inappropriate implementation security issue has been found in the
Skia component of the chromium browser before 80.0.3987.8.

- CVE-2020-6397 (content spoofing)

An incorrect security UI issue has been found in the sharing component
of the chromium browser before 80.0.3987.8.

- CVE-2020-6398 (information disclosure)

An uninitialized use has been found in the PDFium component of the
chromium browser before 80.0.3987.8.

- CVE-2020-6399 (access restriction bypass)

An insufficient policy enforcement issue has been found in the AppCache
component of the chromium browser before 80.0.3987.8.

- CVE-2020-6400 (access restriction bypass)

An inappropriate implementation issue has been found in the CORS
component of the chromium browser before 80.0.3987.8.

- CVE-2020-6401 (insufficient validation)

An insufficient validation of untrusted input security issue has been
found in the OmniBox component of the chromium browser before
80.0.3987.8.

- CVE-2020-6402 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
Downloads component of the chromium browser before 80.0.3987.8.

- CVE-2020-6403 (content spoofing)

An incorrect security UI issue has been found in the OmniBox component
of the chromium browser before 80.0.3987.8.

- CVE-2020-6404 (access restriction bypass)

An inappropriate implementation security issue has been found in the
Blink component of the chromium browser before 80.0.3987.8.

- CVE-2020-6405 (information disclosure)

An out of bounds read has been found in the SQLite component of the
chromium browser before 80.0.3987.8.

- CVE-2020-6406 (arbitrary code execution)

A use-after-free security issue has been found in the Audio component of
the chromium browser before 80.0.3987.8.

- CVE-2020-6408 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
CORS component of the chromium browser before 80.0.3987.8.

- CVE-2020-6409 (access restriction bypass)

An inappropriate implementation security issue has been found in the
OmniBox component of the chromium browser before 80.0.3987.8.

- CVE-2020-6410 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
navigation component of the chromium browser before 80.0.3987.8.

- CVE-2020-6411 (insufficient validation)

An insufficient validation of untrusted input security issue has been
found in the OmniBox component of the chromium browser before
80.0.3987.8.

- CVE-2020-6412 (insufficient validation)

An insufficient validation of untrusted input security issue has been
found in the OmniBox component of the chromium browser before
80.0.3987.8.

- CVE-2020-6413 (access restriction bypass)

An inappropriate implementation security issue has been found in the
Blink component of the chromium browser before 80.0.3987.8.

- CVE-2020-6414 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
Safe Browsing component of the chromium browser before 80.0.3987.8.

- CVE-2020-6415 (access restriction bypass)

An inappropriate implementation security issue has been found in the
javascript component of the chromium browser before 80.0.3987.8.

- CVE-2020-6416 (insufficient validation)

An insufficient data validation security issue has been found in the
streams component of the chromium browser before 80.0.3987.8.

Impact
======

A remote attacker can bypass security measures, access sensitive
information, spoof the content of parts of the UI or execute arbitrary
code on the affected host.
Remi Gacogne
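
To find hosts that still need the upgrade named under Resolution, installed chromium versions can be compared against the fixed version 80.0.3987.87-1. The script below is an added example, not part of the original advisory; it assumes GNU sort -V as a stand-in for pacman's vercmp, and the host names and inventory records are constructed.

```shell
#!/usr/bin/env bash
# Added example: flag hosts whose chromium package predates the fixed version.
# FIXED comes from the advisory; the inventory below is constructed sample data.
FIXED="80.0.3987.87-1"

# Return 0 if version $1 sorts strictly before version $2.
# Assumption: GNU `sort -V` ordering stands in for pacman's `vercmp`, which is
# adequate for chromium's purely numeric, epoch-less version strings.
version_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# Read "host package version" records on stdin (for example, collected
# `pacman -Q chromium` output prefixed with a host name) and print the
# hosts that are still on an affected chromium build.
affected_hosts() {
    while read -r host pkg ver; do
        [ "$pkg" = "chromium" ] || continue
        if version_lt "$ver" "$FIXED"; then
            printf '%s\n' "$host"
        fi
    done
}

# Constructed inventory: hypothetical host names, one record per line.
sample_inventory() {
    cat <<'EOF'
ws-01 chromium 79.0.3945.130-1
ws-02 chromium 80.0.3987.87-1
ws-03 chromium 80.0.3987.100-1
ws-04 firefox 72.0.2-1
ws-05 chromium 80.0.3987.16-1
EOF
}

sample_inventory | affected_hosts
```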