[ASA-201903-8] chromium: multiple issues

2019-03-13T00:00:00
ID ASA-201903-8
Type archlinux
Reporter ArchLinux
Modified 2019-03-13T00:00:00

Description

Arch Linux Security Advisory ASA-201903-8

Severity: High Date : 2019-03-13 CVE-ID : CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790 CVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794 CVE-2019-5795 CVE-2019-5796 CVE-2019-5797 CVE-2019-5798 CVE-2019-5799 CVE-2019-5800 CVE-2019-5802 CVE-2019-5803 Package : chromium Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-923

Summary

The package chromium before version 73.0.3683.75-1 is vulnerable to multiple issues including arbitrary code execution, access restriction bypass, content spoofing and information disclosure.

Resolution

Upgrade to 73.0.3683.75-1.

pacman -Syu "chromium>=73.0.3683.75-1"

The problems have been fixed upstream in version 73.0.3683.75.

Workaround

None.

Description

  • CVE-2019-5787 (arbitrary code execution)

A use-after-free issue has been found in the Canvas component of the chromium browser before 73.0.3683.75.

  • CVE-2019-5788 (arbitrary code execution)

A use-after-free issue has been found in the FileAPI component of the chromium browser before 73.0.3683.75.

  • CVE-2019-5789 (arbitrary code execution)

A use-after-free issue has been found in the WebMIDI component of the chromium browser before 73.0.3683.75.

  • CVE-2019-5790 (arbitrary code execution)

A heap-based buffer overflow has been found in the V8 component of the chromium browser before 73.0.3683.75.

  • CVE-2019-5791 (arbitrary code execution)

A type confusion issue has been found in the V8 component of the chromium browser before 73.0.3683.75.

  • CVE-2019-5792 (arbitrary code execution)

An integer overflow issue has been found in the PDFium component of the chromium browser before 73.0.3683.75.

  • CVE-2019-5793 (access restriction bypass)

An excessive permissions for private API issue has been found in the Extensions component of the chromium browser before 73.0.3683.75.

  • CVE-2019-5794 (content spoofing)

A UI spoofing issue has been found in the chromium browser before 73.0.3683.75.

  • CVE-2019-5795 (arbitrary code execution)

An integer overflow issue has been found in the PDFium component of the chromium browser before 73.0.3683.75.

  • CVE-2019-5796 (arbitrary code execution)

A race condition has been found in the Extensions component of the chromium browser before 73.0.3683.75.

  • CVE-2019-5797 (arbitrary code execution)

A race condition has been found in the DOMStorage component of the chromium browser before 73.0.3683.75.

  • CVE-2019-5798 (information disclosure)

An out-of-bounds read has been found in the Skia component of the chromium browser before 73.0.3683.75.

  • CVE-2019-5799 (access restriction bypass)

A CSP bypass issue with blob URLs has been found in the chromium browser before 73.0.3683.75.

  • CVE-2019-5800 (access restriction bypass)

A CSP bypass issue with blob URLs has been found in the chromium browser before 73.0.3683.75.

  • CVE-2019-5802 (content spoofing)

A UI spoofing issue has been found in the chromium browser before 73.0.3683.75.

  • CVE-2019-5803 (access restriction bypass)

A CSP bypass issue with Javascript URLs has been found in the chromium browser before 73.0.3683.75.

Impact

A remote attacker can access sensitive information, bypass security restrictions and execute arbitrary code via crafted web content.

References

https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html https://bugs.chromium.org/p/chromium/issues/detail?id=913964 https://bugs.chromium.org/p/chromium/issues/detail?id=925864 https://bugs.chromium.org/p/chromium/issues/detail?id=921581 https://bugs.chromium.org/p/chromium/issues/detail?id=914736 https://bugs.chromium.org/p/chromium/issues/detail?id=926651 https://bugs.chromium.org/p/chromium/issues/detail?id=914983 https://bugs.chromium.org/p/chromium/issues/detail?id=937487 https://bugs.chromium.org/p/chromium/issues/detail?id=935175 https://bugs.chromium.org/p/chromium/issues/detail?id=919643 https://bugs.chromium.org/p/chromium/issues/detail?id=918861 https://bugs.chromium.org/p/chromium/issues/detail?id=916523 https://bugs.chromium.org/p/chromium/issues/detail?id=883596 https://bugs.chromium.org/p/chromium/issues/detail?id=905301 https://bugs.chromium.org/p/chromium/issues/detail?id=894228 https://bugs.chromium.org/p/chromium/issues/detail?id=632514 https://bugs.chromium.org/p/chromium/issues/detail?id=909865 https://security.archlinux.org/CVE-2019-5787 https://security.archlinux.org/CVE-2019-5788 https://security.archlinux.org/CVE-2019-5789 https://security.archlinux.org/CVE-2019-5790 https://security.archlinux.org/CVE-2019-5791 https://security.archlinux.org/CVE-2019-5792 https://security.archlinux.org/CVE-2019-5793 https://security.archlinux.org/CVE-2019-5794 https://security.archlinux.org/CVE-2019-5795 https://security.archlinux.org/CVE-2019-5796 https://security.archlinux.org/CVE-2019-5797 https://security.archlinux.org/CVE-2019-5798 https://security.archlinux.org/CVE-2019-5799 https://security.archlinux.org/CVE-2019-5800 https://security.archlinux.org/CVE-2019-5802 https://security.archlinux.org/CVE-2019-5803