[ASA-202112-6] chromium: multiple issues

Jonas Witschel diabonas at archlinux.org
Sun Dec 12 21:10:58 UTC 2021 

Arch Linux Security Advisory ASA-202112-6
=========================================

Severity: High
Date    : 2021-12-11
CVE-ID  : CVE-2021-4052 CVE-2021-4053 CVE-2021-4054 CVE-2021-4055
          CVE-2021-4056 CVE-2021-4057 CVE-2021-4058 CVE-2021-4059
          CVE-2021-4061 CVE-2021-4062 CVE-2021-4063 CVE-2021-4064
          CVE-2021-4065 CVE-2021-4066 CVE-2021-4067 CVE-2021-4068
Package : chromium
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-2600

Summary
=======

The package chromium before version 96.0.4664.93-1 is vulnerable to
multiple issues including arbitrary code execution, content spoofing
and insufficient validation.

Resolution
==========

Upgrade to 96.0.4664.93-1.

# pacman -Syu "chromium>=96.0.4664.93-1"

The problems have been fixed upstream in version 96.0.4664.93.

Workaround
==========

None.

Description
===========

- CVE-2021-4052 (arbitrary code execution)

A use after free security issue has been found in the web apps
component of the Chromium browser engine before version 96.0.4664.93.

- CVE-2021-4053 (arbitrary code execution)

A use after free security issue has been found in the UI component of
the Chromium browser engine before version 96.0.4664.93.

- CVE-2021-4054 (content spoofing)

An incorrect security UI security issue has been found in the autofill
component of the Chromium browser engine before version 96.0.4664.93.

- CVE-2021-4055 (arbitrary code execution)

A heap buffer overflow security issue has been found in the extensions
component of the Chromium browser engine before version 96.0.4664.93.

- CVE-2021-4056 (arbitrary code execution)

A type confusion security issue has been found in the loader component
of the Chromium browser engine before version 96.0.4664.93.

- CVE-2021-4057 (arbitrary code execution)

A use after free security issue has been found in the file API
component of the Chromium browser engine before version 96.0.4664.93.

- CVE-2021-4058 (arbitrary code execution)

A heap buffer overflow security issue has been found in the ANGLE
component of the Chromium browser engine before version 96.0.4664.93.

- CVE-2021-4059 (insufficient validation)

An insufficient data validation security issue has been found in the
loader component of the Chromium browser engine before version
96.0.4664.93.

- CVE-2021-4061 (arbitrary code execution)

A type confusion security issue has been found in the V8 component of
the Chromium browser engine before version 96.0.4664.93.

- CVE-2021-4062 (arbitrary code execution)

A heap buffer overflow security issue has been found in the BFCache
component of the Chromium browser engine before version 96.0.4664.93.

- CVE-2021-4063 (arbitrary code execution)

A use after free security issue has been found in the developer tools
component of the Chromium browser engine before version 96.0.4664.93.

- CVE-2021-4064 (arbitrary code execution)

A use after free security issue has been found in the screen capture
component of the Chromium browser engine before version 96.0.4664.93.

- CVE-2021-4065 (arbitrary code execution)

A use after free security issue has been found in the autofill
component of the Chromium browser engine before version 96.0.4664.93.

- CVE-2021-4066 (arbitrary code execution)

An integer underflow security issue has been found in the ANGLE
component of the Chromium browser engine before version 96.0.4664.93.

- CVE-2021-4067 (arbitrary code execution)

A use after free security issue has been found in the window manager
component of the Chromium browser engine before version 96.0.4664.93.

- CVE-2021-4068 (insufficient validation)

An insufficient validation of untrusted input security issue has been
found in the new tab page component of the Chromium browser engine
before version 96.0.4664.93.

Impact
======

A remote attacker could execute arbitrary code or spoof content through
crafted web content.

References
==========

https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html
https://crbug.com/1267661
https://crbug.com/1267791
https://crbug.com/1239760
https://crbug.com/1266510
https://crbug.com/1260939
https://crbug.com/1262183
https://crbug.com/1267496
https://crbug.com/1270990
https://crbug.com/1271456
https://crbug.com/1272403
https://crbug.com/1273176
https://crbug.com/1273197
https://crbug.com/1273674
https://crbug.com/1274499
https://crbug.com/1274641
https://crbug.com/1265197
https://security.archlinux.org/CVE-2021-4052
https://security.archlinux.org/CVE-2021-4053
https://security.archlinux.org/CVE-2021-4054
https://security.archlinux.org/CVE-2021-4055
https://security.archlinux.org/CVE-2021-4056
https://security.archlinux.org/CVE-2021-4057
https://security.archlinux.org/CVE-2021-4058
https://security.archlinux.org/CVE-2021-4059
https://security.archlinux.org/CVE-2021-4061
https://security.archlinux.org/CVE-2021-4062
https://security.archlinux.org/CVE-2021-4063
https://security.archlinux.org/CVE-2021-4064
https://security.archlinux.org/CVE-2021-4065
https://security.archlinux.org/CVE-2021-4066
https://security.archlinux.org/CVE-2021-4067
https://security.archlinux.org/CVE-2021-4068
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20211212/7226a942/attachment.sig>

More information about the arch-security mailing list