[ASA-202004-9] chromium: multiple issues
Remi Gacogne
rgacogne at archlinux.org
Fri Apr 10 12:30:21 UTC 2020
Arch Linux Security Advisory ASA-202004-9
=========================================
Severity: High
Date : 2020-04-08
CVE-ID : CVE-2020-6423 CVE-2020-6430 CVE-2020-6431 CVE-2020-6432
CVE-2020-6433 CVE-2020-6434 CVE-2020-6435 CVE-2020-6436
CVE-2020-6437 CVE-2020-6438 CVE-2020-6439 CVE-2020-6440
CVE-2020-6441 CVE-2020-6442 CVE-2020-6443 CVE-2020-6444
CVE-2020-6445 CVE-2020-6446 CVE-2020-6447 CVE-2020-6448
CVE-2020-6454 CVE-2020-6455 CVE-2020-6456
Package : chromium
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-1128
Summary
=======
The package chromium before version 81.0.4044.92-1 is vulnerable to
multiple issues including arbitrary code execution, information
disclosure, access restriction bypass and insufficient validation.
Resolution
==========
Upgrade to 81.0.4044.92-1.
# pacman -Syu "chromium>=81.0.4044.92-1"
The problems have been fixed upstream in version 81.0.4044.92.
Workaround
==========
None.
Description
===========
- CVE-2020-6423 (arbitrary code execution)
A use after free security issue has been found in the audio component
of the chromium browser before 81.0.4044.92.
- CVE-2020-6430 (arbitrary code execution)
A type confusion security issue has been found in the V8 component of
the chromium browser before 81.0.4044.92.
- CVE-2020-6431 (access restriction bypass)
An insufficient policy enforcement security issue has been found in the
full screen component of the chromium browser before 81.0.4044.92.
- CVE-2020-6432 (access restriction bypass)
An insufficient policy enforcement security issue has been found in the
navigations component of the chromium browser before 81.0.4044.92.
- CVE-2020-6433 (access restriction bypass)
An insufficient policy enforcement security issue has been found in the
extensions component of the chromium browser before 81.0.4044.92.
- CVE-2020-6434 (arbitrary code execution)
A use-after-free security issue has been found in the devtools
component of the chromium browser before 81.0.4044.92.
- CVE-2020-6435 (access restriction bypass)
An insufficient policy enforcement security issue has been found in the
extensions component of the chromium browser before 81.0.4044.92.
- CVE-2020-6436 (arbitrary code execution)
A use-after-free security issue has been found in the window management
component of the chromium browser before 81.0.4044.92.
- CVE-2020-6437 (access restriction bypass)
An inappropriate implementation security issue has been found in the
WebView component of the chromium browser before 81.0.4044.92.
- CVE-2020-6438 (access restriction bypass)
An insufficient policy enforcement security issue has been found in the
extensions component of the chromium browser before 81.0.4044.92.
- CVE-2020-6439 (access restriction bypass)
An insufficient policy enforcement security issue has been found in the
navigations component of the chromium browser before 81.0.4044.92.
- CVE-2020-6440 (access restriction bypass)
An inappropriate implementation security issue has been found in the
extensions component of the chromium browser before 81.0.4044.92.
- CVE-2020-6441 (access restriction bypass)
An insufficient policy enforcement security issue has been found in the
omnibox component of the chromium browser before 81.0.4044.92.
- CVE-2020-6442 (access restriction bypass)
An inappropriate implementation security issue has been found in the
cache component of the chromium browser before 81.0.4044.92.
- CVE-2020-6443 (insufficient validation)
An insufficient data validation security issue has been found in the
developer tools component of the chromium browser before 81.0.4044.92.
- CVE-2020-6444 (information disclosure)
An uninitialized memory use issue has been found in the WebRTC
component of the chromium browser before 81.0.4044.92.
- CVE-2020-6445 (access restriction bypass)
An insufficient policy enforcement security issue has been found in the
trusted types component of the chromium browser before 81.0.4044.92.
- CVE-2020-6446 (access restriction bypass)
An insufficient policy enforcement security issue has been found in the
trusted types component of the chromium browser before 81.0.4044.92.
- CVE-2020-6447 (access restriction bypass)
An inappropriate implementation security issue has been found in the
developer tools component of the chromium browser before 81.0.4044.92.
- CVE-2020-6448 (arbitrary code execution)
A use-after-free security issue has been found in the V8 component of
the chromium browser before 81.0.4044.92.
- CVE-2020-6454 (arbitrary code execution)
A use after free security issue has been found in the extensions
component of the chromium browser before 81.0.4044.92.
- CVE-2020-6455 (information disclosure)
A out of bounds read security issue has been found in the WebSQL
component of the chromium browser before 81.0.4044.92.
- CVE-2020-6456 (insufficient validation)
An insufficient validation of untrusted input security issue has been
found in the clipboard component of the chromium browser before
81.0.4044.92.
Impact
======
A remote attacker might be able to access sensitive information, bypass
security measures or execute arbitrary code.
References
==========
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html
https://crbug.com/1043446
https://crbug.com/1031479
https://crbug.com/852645
https://crbug.com/965611
https://crbug.com/1043965
https://crbug.com/1048555
https://crbug.com/1032158
https://crbug.com/1034519
https://crbug.com/639173
https://crbug.com/714617
https://crbug.com/868145
https://crbug.com/894477
https://crbug.com/959571
https://crbug.com/1013906
https://crbug.com/1040080
https://crbug.com/922882
https://crbug.com/933171
https://crbug.com/933172
https://crbug.com/991217
https://crbug.com/1037872
https://crbug.com/1019161
https://crbug.com/1059669
https://crbug.com/1040755
https://security.archlinux.org/CVE-2020-6423
https://security.archlinux.org/CVE-2020-6430
https://security.archlinux.org/CVE-2020-6431
https://security.archlinux.org/CVE-2020-6432
https://security.archlinux.org/CVE-2020-6433
https://security.archlinux.org/CVE-2020-6434
https://security.archlinux.org/CVE-2020-6435
https://security.archlinux.org/CVE-2020-6436
https://security.archlinux.org/CVE-2020-6437
https://security.archlinux.org/CVE-2020-6438
https://security.archlinux.org/CVE-2020-6439
https://security.archlinux.org/CVE-2020-6440
https://security.archlinux.org/CVE-2020-6441
https://security.archlinux.org/CVE-2020-6442
https://security.archlinux.org/CVE-2020-6443
https://security.archlinux.org/CVE-2020-6444
https://security.archlinux.org/CVE-2020-6445
https://security.archlinux.org/CVE-2020-6446
https://security.archlinux.org/CVE-2020-6447
https://security.archlinux.org/CVE-2020-6448
https://security.archlinux.org/CVE-2020-6454
https://security.archlinux.org/CVE-2020-6455
https://security.archlinux.org/CVE-2020-6456
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20200410/b86294c1/attachment-0001.sig>
More information about the arch-security
mailing list