Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.FEDORA_2024-37F95CE86B.NASLHistorySep 18, 2024 - 12:00 a.m.
Fedora 39 : chromium (2024-37f95ce86b)
2024-09-1800:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
1
fedora 39
chromium
vulnerabilities
update
heap buffer overflow
use after free
type confusion
cve-2024-8636
cve-2024-8637
cve-2024-8638
cve-2024-8639
skia
media router
v8
autofill
tenable
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.2
Confidence
Low
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-37f95ce86b advisory.
update to 128.0.6613.137
* High CVE-2024-8636: Heap buffer overflow in Skia
* High CVE-2024-8637: Use after free in Media Router
* High CVE-2024-8638: Type Confusion in V8
* High CVE-2024-8639: Use after free in Autofill
Tenable has extracted the preceding description block directly from the Fedora security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2024-37f95ce86b
#
include('compat.inc');
if (description)
{
script_id(207373);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/18");
script_cve_id(
"CVE-2024-8636",
"CVE-2024-8637",
"CVE-2024-8638",
"CVE-2024-8639",
"CVE-2024-43796",
"CVE-2024-45590"
);
script_xref(name:"FEDORA", value:"2024-37f95ce86b");
script_name(english:"Fedora 39 : chromium (2024-37f95ce86b)");
script_set_attribute(attribute:"synopsis", value:
"The remote Fedora host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the
FEDORA-2024-37f95ce86b advisory.
update to 128.0.6613.137
* High CVE-2024-8636: Heap buffer overflow in Skia
* High CVE-2024-8637: Use after free in Media Router
* High CVE-2024-8638: Type Confusion in V8
* High CVE-2024-8639: Use after free in Autofill
Tenable has extracted the preceding description block directly from the Fedora security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2024-37f95ce86b");
script_set_attribute(attribute:"solution", value:
"Update the affected chromium package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-8639");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/09/10");
script_set_attribute(attribute:"patch_publication_date", value:"2024/09/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/09/18");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:39");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:chromium");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Fedora Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Fedora' >!< os_release) audit(AUDIT_OS_NOT, 'Fedora');
var os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');
os_ver = os_ver[1];
if (! preg(pattern:"^39([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 39', 'Fedora ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);
var pkgs = [
{'reference':'chromium-128.0.6613.137-1.fc39', 'release':'FC39', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}
];
var flag = 0;
foreach package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (reference && _release) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromium');
}
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43796
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45590
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8636
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8637
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8638
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8639
bodhi.fedoraproject.org/updates/FEDORA-2024-37f95ce86b
Related
openvas
openvas
Fedora: Security Advisory (FEDORA-2024-0a4a65f805)
2024-09-16 00:00:00
Fedora: Security Advisory (FEDORA-2024-37f95ce86b)
2024-09-18 00:00:00
Debian: Security Advisory (DSA-5768-1)
2024-09-12 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: chromium-128.0.6613.137-1.fc40
2024-09-14 02:02:05
[SECURITY] Fedora 39 Update: chromium-128.0.6613.137-1.fc39
2024-09-18 03:35:32
[SECURITY] Fedora 41 Update: chromium-128.0.6613.137-1.fc41
2024-09-18 01:54:49
nessus
nessus
Fedora 40 : chromium (2024-0a4a65f805)
2024-09-14 00:00:00
Google Chrome < 128.0.6613.137 Multiple Vulnerabilities
2024-09-10 00:00:00
kaspersky
kaspersky
KLA73273 Multiple vulnerabilities in Microsoft Browser
2024-09-13 00:00:00
KLA73220 Multiple vulnerabilities in Google Chrome
2024-09-10 00:00:00
osv
osv
Security update for chromium
2024-09-16 08:29:07
chromium - security update
2024-09-11 00:00:00
chromedriver-128.0.6613.137-1.1 on GA media
2024-09-13 00:00:00
freebsd
freebsd
chromium -- multiple security fixes
2024-09-10 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2024-09-10 00:00:00
vulnrichment
vulnrichment
CVE-2024-45590 body-parser vulnerable to denial of service when url encoding is enabled
2024-09-10 15:54:02
CVE-2024-43796 express vulnerable to XSS via response.redirect()
2024-09-10 14:36:27
CVE-2024-8637
2024-09-11 13:47:55
debiancve
debiancve
redhatcve
redhatcve
CVE-2024-45590
2024-09-10 17:43:43
CVE-2024-43796
2024-09-10 16:13:22
nvd
nvd
cvelist
cvelist
CVE-2024-45590 body-parser vulnerable to denial of service when url encoding is enabled
2024-09-10 15:54:02
CVE-2024-43796 express vulnerable to XSS via response.redirect()
2024-09-10 14:36:27
CVE-2024-8637
2024-09-11 13:47:55
cve
cve
github
github
body-parser vulnerable to denial of service when url encoding is enabled
2024-09-10 15:52:39
express vulnerable to XSS via response.redirect()
2024-09-10 19:41:04
wolfi
wolfi
CVE-2024-45590 vulnerabilities
2024-09-19 21:18:36
CVE-2024-43796 vulnerabilities
2024-09-19 21:18:36
CVE-2024-8637 vulnerabilities
2024-09-19 21:18:36
mscve
mscve
Chromium: CVE-2024-8637 Use after free in Media Router
2024-09-13 00:05:38
Chromium: CVE-2024-8636 Heap buffer overflow in Skia
2024-09-13 00:05:32
Chromium: CVE-2024-8639 Use after free in Autofill
2024-09-13 00:05:42
alpinelinux
alpinelinux
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.2
Confidence
Low
Related for FEDORA_2024-37F95CE86B.NASL