Lucene search

FreeBSD007E7E77-2F06-11EF-8A0F-A8A1599412C6

HistoryJun 18, 2024 - 12:00 a.m.

chromium -- multiple security fixes

2024-06-1800:00:00

vuxml.freebsd.org

chromium

security fixes

type confusion

inappropriate implementation

out of bounds memory access

use after free

webassembly

dawn

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.0%

JSON

Chrome Releases reports:

This update includes 6 security fixes:

[344608204] High CVE-2024-6100: Type Confusion in V8. Reported by Seunghyun Lee (@0x10n) participating in SSD Secure Disclosure’s TyphoonPWN 2024 on 2024-06-04
[343748812] High CVE-2024-6101: Inappropriate implementation in WebAssembly. Reported by @ginggilBesel on 2024-05-31
[339169163] High CVE-2024-6102: Out of bounds memory access in Dawn. Reported by wgslfuzz on 2024-05-07
[344639860] High CVE-2024-6103: Use after free in Dawn. Reported by wgslfuzz on 2024-06-04

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchchromium< 126.0.6478.114UNKNOWN
FreeBSDanynoarchungoogled-chromium< 126.0.6478.114UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	chromium	< 126.0.6478.114	UNKNOWN
FreeBSD	any	noarch	ungoogled-chromium	< 126.0.6478.114	UNKNOWN

References

chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.0%

JSON

Related for 007E7E77-2F06-11EF-8A0F-A8A1599412C6