Security
Headlines
HeadlinesLatestCVEs

Headline

Debian Security Advisory 5261-1

Debian Linux Security Advisory 5261-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Packet Storm
#linux#debian#dos#chrome
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5261-1                   [email protected]://www.debian.org/security/                       Moritz MuehlenhoffOctober 26, 2022                      https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : chromiumCVE ID         : CVE-2022-3652 CVE-2022-3653 CVE-2022-3654 CVE-2022-3655                 CVE-2022-3656 CVE-2022-3657 CVE-2022-3658 CVE-2022-3659                 CVE-2022-3660 CVE-2022-3661Multiple security issues were discovered in Chromium, which could resultin the execution of arbitrary code, denial of service or informationdisclosure.For the stable distribution (bullseye), these problems have been fixed inversion 107.0.5304.68-1~deb11u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmNZexEACgkQEMKTtsN8TjYRnxAAqAA0Egh1wZoBi7sCYhoCqR546MdWDKO/bJfqYq2aKO3KZDz9Td7BnZ1t/v+Cj49QBk+OfQaLbSP0KTcPqYIQAtd9z2bdskSs+4rFcj+jFmmM59WsSEghsGGApANaYUUsDitGqVJpFUkZCXHYxYUt0sWJYZ8QeYHipQr6Mw22+n77igvQjpqzdIpDXIUlSasDGx7vFoX0Psu8C5TvXhCjxzFr0mLHRuEf+HjlrEwS7eTrycZN2rcc0JFH6oCwVtitKsiEwhystoaDaX1YKZczQ/O9S+pBj4wh4PTQPNTUeODyN3pZKwRVJmUM8rR/lBTEfFRtUw615ieDX/lideqfo9OK0GmY3iSwf5oL728iuu5seWcPKAO09t6sNvG2Fjw6JTn0NQ7z9LZFHeWDbDlLV6ABQ2VusoMMRRkAdNV9ycuiXThGsQBw6ukTUzUfKnui9NV37ouDClnahB96/Y4i8BGXyYF0T4TMCJUtiZCG4xASGEbMHwUO4h6A2WjIq/m6F2pg98cEG/losAuxBwtwzRzoUY8gvoQZE+7WoMTRyQIpmO8AfJraNvexKx/im/7eLvtF/0XIy57hQzRsnbOQ1RzcdxDgV4zJ+L+QeyXDgkAwYs1s1Xtt7Dl21New/cV0OUInJ9Z9qvOo2Hz7D/UOYopDjlhx1XMZJPtgXIOilQQ=rkOd-----END PGP SIGNATURE-----

Related news

Credential Stealing Flaw in Google Chrome Impacted 2.5 Billion Users

By Deeba Ahmed The vulnerability affected all Chromium-based browsers, including Opera and Edge. This is a post from HackRead.com Read the original post: Credential Stealing Flaw in Google Chrome Impacted 2.5 Billion Users

Experts Detail Chromium Browser Security Flaw Putting Confidential Data at Risk

Details have emerged about a now-patched vulnerability in Google Chrome and Chromium-based browsers that, if successfully exploited, could have made it possible to siphon files containing confidential data. "The issue arose from the way the browser interacted with symlinks when processing files and directories," Imperva researcher Ron Masas said. "Specifically, the browser did not properly check

CVE-2022-3652: Stable Channel Update for Desktop

Type confusion in V8 in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)

CVE-2022-3654

Use after free in Layout in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)

CVE-2022-3658

Use after free in Feedback service on Chrome OS in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. (Chrome security severity: Medium)

CVE-2022-3660

Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 107.0.5304.62 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chrome security severity: Medium)

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution