Headline
Debian Security Advisory 5483-1
Debian Linux Security Advisory 5483-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5483-1 [email protected]://www.debian.org/security/ Moritz MuehlenhoffAugust 25, 2023 https://www.debian.org/security/faq- -------------------------------------------------------------------------Package : chromiumCVE ID : CVE-2023-4427 CVE-2023-4428 CVE-2023-4429 CVE-2023-4430 CVE-2023-4431Multiple security issues were discovered in Chromium, which could resultin the execution of arbitrary code, denial of service or informationdisclosure.For the oldstable distribution (bullseye), these problems have been fixedin version 116.0.5845.110-1~deb11u1.For the stable distribution (bookworm), these problems have been fixed inversion 116.0.5845.110-1~deb12u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmTo/EsACgkQEMKTtsN8TjZcVA//SJ88YLHY0KVBwr1CrQJPHHMeP5gyq80A/LRLf7kNco7jcHfZyiR8LB7V4eo62Um8dCpwzSHRqc73Jx580nn5tW310c3C7LQqVPOu0YBmslLkGstXQmR19mHSZkwGGukYMhoNw/ijfAceRjI2ivCnX1MrZyxb6cRH5vJ4Q0KDkSmCi0l2Luv5NHKYTQgprg4u9ls6OtTPu7BiyRClCJmoqrGvizfKSdVjwVdqrckRzZSmKagiXVpsnZacb8LnBluAyUkzPwC+f3Z9RZsDYzC2BeRn6qPhnRCM3C5LWxMAoypoP1Pv15rHz4qQa/pDFl6kiG1W9HD83UgrY0u32MmBgcCoI6c4nQ32Vk3Z+N+ZHO3kECm/Z7mGTLHXrHk4+jgXJV5TE1vnKNypKh7J6JewVFJxMg8Rw4gMRcod3zMNfBe1q9F39NbSRk0F/5LMfTOKZuZmLTuzX/wV3z6B6I1GoFQx7yw9w3vJ9095hdxWxGstedCSv4uinmPfoEzgCiQjRm828sO1Qzfnv+ukgMruhlFc15tbKdLJGu1mflu7AGURs5s1Q1RPMAZbTFcQ8zb7N/PXyiW2VKERuKRKI0+pjLGSoq7W9RU2Er7Mj9huq0T0xpjAkoR1L+nGXvENDNYNg3Yl4eMhHVnP0UzT37F3GEFEfmgAnlL1ziqypGjHvA0==/urs-----END PGP SIGNATURE-----Related news
Gentoo Linux Security Advisory 202401-34 - Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected.
Categories: Exploits and vulnerabilities Tags: stable channel Tags: weekly updates Tags: CVE-2023-4427 Tags: CVE-2023-4428 Tags: CVE-2023-4429 Tags: CVE-2023-4430 Tags: CVE-2023-4431 Tags: use after free Tags: out of bounds Tags: heap corruption The first of Chrome's now weekly security updates fixes five vulnerabilities. (Read more...) The post Update now! Google Chrome's first weekly update has arrived appeared first on Malwarebytes Labs.
Categories: Exploits and vulnerabilities Tags: stable channel Tags: weekly updates Tags: CVE-2023-4427 Tags: CVE-2023-4428 Tags: CVE-2023-4429 Tags: CVE-2023-4430 Tags: CVE-2023-4431 Tags: use after free Tags: out of bounds Tags: heap corruption The first of Chrome's now weekly security updates fixes five vulnerabilities. (Read more...) The post Update now! Google Chrome's first weekly update has arrived appeared first on Malwarebytes Labs.
Categories: Exploits and vulnerabilities Tags: stable channel Tags: weekly updates Tags: CVE-2023-4427 Tags: CVE-2023-4428 Tags: CVE-2023-4429 Tags: CVE-2023-4430 Tags: CVE-2023-4431 Tags: use after free Tags: out of bounds Tags: heap corruption The first of Chrome's now weekly security updates fixes five vulnerabilities. (Read more...) The post Update now! Google Chrome's first weekly update has arrived appeared first on Malwarebytes Labs.
Categories: Exploits and vulnerabilities Tags: stable channel Tags: weekly updates Tags: CVE-2023-4427 Tags: CVE-2023-4428 Tags: CVE-2023-4429 Tags: CVE-2023-4430 Tags: CVE-2023-4431 Tags: use after free Tags: out of bounds Tags: heap corruption The first of Chrome's now weekly security updates fixes five vulnerabilities. (Read more...) The post Update now! Google Chrome's first weekly update has arrived appeared first on Malwarebytes Labs.
Categories: Exploits and vulnerabilities Tags: stable channel Tags: weekly updates Tags: CVE-2023-4427 Tags: CVE-2023-4428 Tags: CVE-2023-4429 Tags: CVE-2023-4430 Tags: CVE-2023-4431 Tags: use after free Tags: out of bounds Tags: heap corruption The first of Chrome's now weekly security updates fixes five vulnerabilities. (Read more...) The post Update now! Google Chrome's first weekly update has arrived appeared first on Malwarebytes Labs.
Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
Use after free in Loader in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Use after free in Vulkan in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Out of bounds memory access in Fonts in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)