[arch-security] [ASA-201701-33] chromium: multiple issues
Remi Gacogne
rgacogne at archlinux.org
Fri Jan 27 18:02:05 UTC 2017
Arch Linux Security Advisory ASA-201701-33
==========================================
Severity: Critical
Date : 2017-01-27
CVE-ID : CVE-2017-5006 CVE-2017-5007 CVE-2017-5008 CVE-2017-5009
CVE-2017-5010 CVE-2017-5011 CVE-2017-5012 CVE-2017-5013
CVE-2017-5014 CVE-2017-5015 CVE-2017-5016 CVE-2017-5017
CVE-2017-5018 CVE-2017-5019 CVE-2017-5020 CVE-2017-5021
CVE-2017-5022 CVE-2017-5023 CVE-2017-5024 CVE-2017-5025
CVE-2017-5026
Package : chromium
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-156
Summary
=======
The package chromium before version 56.0.2924.76-1 is vulnerable to
multiple issues including arbitrary code execution, arbitrary
filesystem access, cross-site scripting, content spoofing, information
disclosure, access restriction bypass and denial of service.
Resolution
==========
Upgrade to 56.0.2924.76-1.
# pacman -Syu "chromium>=56.0.2924.76-1"
The problems have been fixed upstream in version 56.0.2924.76.
Workaround
==========
None.
Description
===========
- CVE-2017-5006 (cross-site scripting)
An universal XSS flaw was found in the Blink component of the Chromium
browser.
- CVE-2017-5007 (cross-site scripting)
An universal XSS flaw was found in the Blink component of the Chromium
browser.
- CVE-2017-5008 (cross-site scripting)
An universal XSS flaw was found in the Blink component of the Chromium
browser.
- CVE-2017-5009 (arbitrary code execution)
An out of bounds memory access flaw was found in the WebRTC component
of the Chromium browser.
- CVE-2017-5010 (cross-site scripting)
An universal XSS flaw was found in the Blink component of the Chromium
browser.
- CVE-2017-5011 (arbitrary filesystem access)
An unauthorised file access flaw was found in the Devtools component of
the Chromium browser.
- CVE-2017-5012 (arbitrary code execution)
A heap overflow flaw was found in the V8 component of the Chromium
browser.
- CVE-2017-5013 (content spoofing)
An address spoofing flaw was found in the Omnibox component of the
Chromium browser
- CVE-2017-5014 (arbitrary code execution)
A heap overflow flaw was found in the Skia component of the Chromium
browser.
- CVE-2017-5015 (content spoofing)
An address spoofing flaw was found in the Omnibox component of the
Chromium browser.
- CVE-2017-5016 (content spoofing)
An UI spoofing flaw was found in the Blink component of the Chromium
browser.
- CVE-2017-5017 (information disclosure)
An uninitialised memory access flaw was found in the webm video
component of the Chromium browser.
- CVE-2017-5018 (cross-site scripting)
An universal XSS flaw was found in the chrome://apps component of the
Chromium browser.
- CVE-2017-5019 (arbitrary code execution)
An use after free flaw was found in the Renderer component of the
Chromium browser.
- CVE-2017-5020 (cross-site scripting)
An universal XSS flaw was found in the chrome://downloads component of
the Chromium browser.
- CVE-2017-5021 (arbitrary code execution)
A use-after-free flaw was found in the Extensions component of the
Chromium browser.
- CVE-2017-5022 (access restriction bypass)
A bypass of content security policy flaw was found in the Blink
component of the Chromium browser.
- CVE-2017-5023 (denial of service)
A type confusion flaw was found in the metrics component of the
Chromium browser.
- CVE-2017-5024 (arbitrary code execution)
A heap overflow flaw was found in the FFmpeg component of the Chromium
browser.
- CVE-2017-5025 (arbitrary code execution)
A heap overflow flaw was found in the FFmpeg component of the Chromium
browser.
- CVE-2017-5026 (content spoofing)
A UI spoofing flaw was found in the Chromium browser.
Impact
======
A remote attacker can access sensitive information and arbitrary files,
bypass security restrictions, spoof content and execute arbitrary code
on the affected host.
References
==========
https://chromereleases.googleblog.com/2017/01/stable-channel-update-for-desktop.html
https://bugzilla.redhat.com/show_bug.cgi?id=1416658
https://code.google.com/p/chromium/issues/detail?id=673170
https://code.google.com/p/chromium/issues/detail?id=671102
https://bugzilla.redhat.com/show_bug.cgi?id=1416657
https://bugzilla.redhat.com/show_bug.cgi?id=1416659
https://code.google.com/p/chromium/issues/detail?id=668552
https://bugzilla.redhat.com/show_bug.cgi?id=1416662
https://code.google.com/p/chromium/issues/detail?id=667504
https://bugzilla.redhat.com/show_bug.cgi?id=1416660
https://code.google.com/p/chromium/issues/detail?id=663476
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-5011
https://code.google.com/p/chromium/issues/detail?id=662859
https://bugzilla.redhat.com/show_bug.cgi?id=1416663
https://code.google.com/p/chromium/issues/detail?id=681843
https://code.google.com/p/chromium/issues/detail?id=677716
https://bugzilla.redhat.com/show_bug.cgi?id=1416664
https://bugzilla.redhat.com/show_bug.cgi?id=1416665
https://code.google.com/p/chromium/issues/detail?id=675332
https://bugzilla.redhat.com/show_bug.cgi?id=1416666
https://code.google.com/p/chromium/issues/detail?id=673971
https://bugzilla.redhat.com/show_bug.cgi?id=1416668
https://code.google.com/p/chromium/issues/detail?id=673163
https://bugzilla.redhat.com/show_bug.cgi?id=1416669
https://code.google.com/p/chromium/issues/detail?id=676975
https://bugzilla.redhat.com/show_bug.cgi?id=1416670
https://code.google.com/p/chromium/issues/detail?id=668665
https://bugzilla.redhat.com/show_bug.cgi?id=1416667
https://code.google.com/p/chromium/issues/detail?id=666714
https://bugzilla.redhat.com/show_bug.cgi?id=1416671
https://code.google.com/p/chromium/issues/detail?id=668653
https://bugzilla.redhat.com/show_bug.cgi?id=1416672
https://code.google.com/p/chromium/issues/detail?id=663726
https://bugzilla.redhat.com/show_bug.cgi?id=1416673
https://code.google.com/p/chromium/issues/detail?id=663620
https://bugzilla.redhat.com/show_bug.cgi?id=1416674
https://code.google.com/p/chromium/issues/detail?id=651443
https://bugzilla.redhat.com/show_bug.cgi?id=1416675
https://code.google.com/p/chromium/issues/detail?id=643951
https://code.google.com/p/chromium/issues/detail?id=643950
https://bugzilla.redhat.com/show_bug.cgi?id=1416676
https://code.google.com/p/chromium/issues/detail?id=634108
https://bugzilla.redhat.com/show_bug.cgi?id=1416677
https://security.archlinux.org/CVE-2017-5006
https://security.archlinux.org/CVE-2017-5007
https://security.archlinux.org/CVE-2017-5008
https://security.archlinux.org/CVE-2017-5009
https://security.archlinux.org/CVE-2017-5010
https://security.archlinux.org/CVE-2017-5011
https://security.archlinux.org/CVE-2017-5012
https://security.archlinux.org/CVE-2017-5013
https://security.archlinux.org/CVE-2017-5014
https://security.archlinux.org/CVE-2017-5015
https://security.archlinux.org/CVE-2017-5016
https://security.archlinux.org/CVE-2017-5017
https://security.archlinux.org/CVE-2017-5018
https://security.archlinux.org/CVE-2017-5019
https://security.archlinux.org/CVE-2017-5020
https://security.archlinux.org/CVE-2017-5021
https://security.archlinux.org/CVE-2017-5022
https://security.archlinux.org/CVE-2017-5023
https://security.archlinux.org/CVE-2017-5024
https://security.archlinux.org/CVE-2017-5025
https://security.archlinux.org/CVE-2017-5026
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20170127/3974d8aa/attachment.asc>
More information about the arch-security
mailing list