Lucene search

K
freebsdFreeBSD8247AF0D-183B-11EF-9F97-A8A1599412C6
HistoryMay 21, 2024 - 12:00 a.m.

chromium -- multiple security fixes

2024-05-2100:00:00
vuxml.freebsd.org
7
chromium
security fixes
multiple
cve-2024-5157
cve-2024-5158
cve-2024-5159
cve-2024-5160
cve-2024-4947
cve-2024-4948
cve-2024-4949
cve-2024-4950
unix

CVSS3

9.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

AI Score

8.1

Confidence

High

EPSS

0.002

Percentile

61.3%

Chrome Releases reports:

This update includes 15 security fixes:

[336012573] High CVE-2024-5157: Use after free in Scheduling. Reported by Looben Yang on 2024-04-21
[338908243] High CVE-2024-5158: Type Confusion in V8. Reported by Zhenghang Xiao (@Kipreyyy) on 2024-05-06
[335613092] High CVE-2024-5159: Heap buffer overflow in ANGLE. Reported by David Sievers (@loknop) on 2024-04-18
[338161969] High CVE-2024-5160: Heap buffer overflow in Dawn. Reported by wgslfuzz on 2024-05-01
[340221135] High CVE-2024-4947: Type Confusion in V8. Reported by Vasily Berdnikov (@vaber_b) and Boris Larin (@oct0xor) of Kaspersky on 2024-05-13
[333414294] High CVE-2024-4948: Use after free in Dawn. Reported by wgslfuzz on 2024-04-09
[326607001] Medium CVE-2024-4949: Use after free in V8. Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team on 2024-02-24
[40065403] Low CVE-2024-4950: Inappropriate implementation in Downloads. Reported by Shaheen Fazim on 2023-06-06

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchchromium< 125.0.6422.76UNKNOWN
FreeBSDanynoarchungoogled-chromium< 125.0.6422.76UNKNOWN

CVSS3

9.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

AI Score

8.1

Confidence

High

EPSS

0.002

Percentile

61.3%