Update to Chromium 75.0.3770.100. The usual pile of bugs and CVE fixes. vaapi support disabled, just too broken. :(
Fixes CVE-2019-5805 CVE-2019-5806 CVE-2019-5807 CVE-2019-5808 CVE-2019-5809 CVE-2019-5810 CVE-2019-5811 CVE-2019-5813 CVE-2019-5814 CVE-2019-5815 CVE-2019-5818 CVE-2019-5819 CVE-2019-5820 CVE-2019-5821 CVE-2019-5822 CVE-2019-5824 CVE-2019-5825 CVE-2019-5826 CVE-2019-5827 CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831 CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835 CVE-2019-5836 CVE-2019-5837 CVE-2019-5838 CVE-2019-5839 CVE-2019-5840 CVE-2019-5842
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2019-8fb8240d14.
#
include("compat.inc");
# Registration pass: when the scanner loads the plugin with `description`
# set, the script only declares its metadata and then exits at the bottom
# of this block. None of the package-checking code below the block runs.
if (description)
{
# Plugin identity and revision bookkeeping.
script_id(126359);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/07/11");
# Every CVE the Fedora advisory says the update fixes. A finding from this
# plugin means "package older than the fixed build", so it maps to the
# whole list at once rather than to any single CVE.
script_cve_id("CVE-2019-5805", "CVE-2019-5806", "CVE-2019-5807", "CVE-2019-5808", "CVE-2019-5809", "CVE-2019-5810", "CVE-2019-5811", "CVE-2019-5813", "CVE-2019-5814", "CVE-2019-5815", "CVE-2019-5818", "CVE-2019-5819", "CVE-2019-5820", "CVE-2019-5821", "CVE-2019-5822", "CVE-2019-5824", "CVE-2019-5825", "CVE-2019-5826", "CVE-2019-5827", "CVE-2019-5828", "CVE-2019-5829", "CVE-2019-5830", "CVE-2019-5831", "CVE-2019-5832", "CVE-2019-5833", "CVE-2019-5834", "CVE-2019-5835", "CVE-2019-5836", "CVE-2019-5837", "CVE-2019-5838", "CVE-2019-5839", "CVE-2019-5840", "CVE-2019-5842");
script_xref(name:"FEDORA", value:"2019-8fb8240d14");
# NOTE(review): the value is a date, presumably the remediation due date
# from the CISA Known Exploited Vulnerabilities catalog. The xref does not
# say which of the CVEs above is the catalogued one; confirm against the
# catalog before using it for prioritisation.
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/06/22");
script_name(english:"Fedora 30 : chromium (2019-8fb8240d14)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
# The description is the Fedora advisory text copied verbatim, including
# the packager's remark that vaapi support is disabled in this build.
script_set_attribute(
attribute:"description",
value:
"Update to Chromium 75.0.3770.100. The usual pile of bugs and CVE
fixes. vaapi support disabled, just too broken. :(
Fixes CVE-2019-5805 CVE-2019-5806 CVE-2019-5807 CVE-2019-5808
CVE-2019-5809 CVE-2019-5810 CVE-2019-5811 CVE-2019-5813 CVE-2019-5814
CVE-2019-5815 CVE-2019-5818 CVE-2019-5819 CVE-2019-5820 CVE-2019-5821
CVE-2019-5822 CVE-2019-5824 CVE-2019-5825 CVE-2019-5826 CVE-2019-5827
CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831 CVE-2019-5832
CVE-2019-5833 CVE-2019-5834 CVE-2019-5835 CVE-2019-5836 CVE-2019-5837
CVE-2019-5838 CVE-2019-5839 CVE-2019-5840 CVE-2019-5842
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bodhi.fedoraproject.org/updates/FEDORA-2019-8fb8240d14"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected chromium package."
);
# Risk scoring. The vectors describe a network-reachable issue with partial
# C/I/A impact under CVSSv2 and high C/I/A impact under CVSSv3, where user
# interaction is required (UI:R). Both temporal vectors carry E:H and an
# official fix. The score is taken from one CVE (cvss_score_source), not
# computed per CVE, so it stands for the whole advisory.
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-5836");
# Exploitation context for triage: public exploit code, use by malware and
# a Metasploit module are all flagged. These attributes apply to the plugin
# as a whole. The module name refers to Chrome 72 and 73, and the plugin
# does not state which listed CVE it corresponds to.
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Google Chrome 72 and 73 Array.map exploit');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
# "local" plugin type: the verdict comes from data collected on the host
# (see the required KB keys below), not from probing a network service.
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:chromium");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:30");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/06/27");
script_set_attribute(attribute:"patch_publication_date", value:"2019/07/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/01");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Fedora Local Security Checks");
# Declares ssh_get_info.nasl as a dependency and requires three KB keys:
# local checks enabled, a RedHat-family release string and an RPM list.
# NOTE(review): presumably the scheduler skips this plugin when a required
# key is absent (e.g. an uncredentialed scan), so a missing finding would
# not mean the host is patched; confirm against scanner behaviour.
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
# End of the registration pass; nothing below this block runs during it.
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
# Detection pass. Everything here reads scanner knowledge-base (KB) items
# and calls rpm_check(); nothing in this block inspects running processes
# or contacts the browser itself. The code relies on audit() ending the
# script: os_ver is indexed right after its null check with no other guard.

# Gate 1: local (credentialed) checks must be enabled for this host.
if (!get_kb_item("Host/local_checks_enabled"))
{
  audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
}

# Gate 2: the release string must identify Fedora, and specifically
# release 30; other releases are covered by their own advisories.
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release)
{
  audit(AUDIT_OS_NOT, "Fedora");
}

rel_match = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(rel_match))
{
  audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
}

# Capture group 1 holds the numeric release.
os_ver = rel_match[1];
if (! preg(pattern:"^30([^0-9]|$)", string:os_ver))
{
  audit(AUDIT_OS_NOT, "Fedora 30", "Fedora " + os_ver);
}

# Gate 3: an RPM inventory must be present in the KB.
if (!get_kb_item("Host/RedHat/rpm-list"))
{
  audit(AUDIT_PACKAGE_LIST_MISSING);
}

# Gate 4: only x86_64 and i386..i686 hosts are evaluated.
cpu = get_kb_item("Host/cpu");
if (isnull(cpu))
{
  audit(AUDIT_UNKNOWN_ARCH);
}
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$")
{
  audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
}

# Compare the installed chromium package with the fixed build from the
# advisory. A truthy result from rpm_check() is reported as a finding.
# NOTE(review): the exact effect of allowmaj:TRUE is defined in rpm.inc,
# which is not shown here. Confirm before relying on it.
if (rpm_check(release:"FC30", reference:"chromium-75.0.3770.100-2.fc30", allowmaj:TRUE))
{
  # NOTE(review): the finding is raised at SECURITY_WARNING although the
  # plugin metadata flags exploits as available. Triage should look at the
  # exploit attributes, not only at this severity constant.
  security_report_v4(
    port     : 0,
    severity : SECURITY_WARNING,
    extra    : rpm_report_get()
  );
  exit(0);
}

# No finding: tell "package present but not affected" apart from
# "package not installed" so the audit trail explains the clean result.
tested = pkg_tests_get();
if (tested)
{
  audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
}
else
{
  audit(AUDIT_PACKAGE_NOT_INSTALLED, "chromium");
}
Vendor | Product | Version | CPE |
---|---|---|---|
fedoraproject | fedora | chromium | p-cpe:/a:fedoraproject:fedora:chromium |
fedoraproject | fedora | 30 | cpe:/o:fedoraproject:fedora:30 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5805
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5806
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5807
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5808
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5809
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5810
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5811
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5813
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5814
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5815
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5818
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5819
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5820
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5821
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5822
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5824
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5825
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5826
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5827
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5828
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5829
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5830
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5831
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5832
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5833
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5834
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5835
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5836
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5837
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5838
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5839
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5840
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5842
bodhi.fedoraproject.org/updates/FEDORA-2019-8fb8240d14