Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2023-0093-1.NASL
HistoryApr 25, 2023 - 12:00 a.m.

openSUSE 15 Security Update : chromium (openSUSE-SU-2023:0093-1)

2023-04-2500:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
JSON

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0093-1 advisory.

  • Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-2133, CVE-2023-2134)

  • Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-2135)

  • Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
    (Chromium security severity: High) (CVE-2023-2136)

  • Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) (CVE-2023-2137)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# openSUSE Security Update openSUSE-SU-2023:0093-1. The text itself
# is copyright (C) SUSE.
##

include('compat.inc');

if (description)
{
  script_id(174713);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/23");

  script_cve_id(
    "CVE-2023-2133",
    "CVE-2023-2134",
    "CVE-2023-2135",
    "CVE-2023-2136",
    "CVE-2023-2137"
  );
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2023/05/12");

  script_name(english:"openSUSE 15 Security Update : chromium (openSUSE-SU-2023:0093-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote openSUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the
openSUSE-SU-2023:0093-1 advisory.

  - Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a
    remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security
    severity: High) (CVE-2023-2133, CVE-2023-2134)

  - Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who
    convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted
    HTML page. (Chromium security severity: High) (CVE-2023-2135)

  - Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had
    compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
    (Chromium security severity: High) (CVE-2023-2136)

  - Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to
    potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
    (CVE-2023-2137)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1210618");
  # https://lists.opensuse.org/archives/list/[email protected]/thread/4OJ2D7Q6EV4EW53HYRQAZZUTECASLJC3/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?0816db46");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2133");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2134");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2135");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2136");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2137");
  script_set_attribute(attribute:"solution", value:
"Update the affected chromedriver and / or chromium packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-2137");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2023-2136");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/04/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/04/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/04/25");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromedriver");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromium");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.4");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/SuSE/release');
if (isnull(os_release) || os_release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, 'openSUSE');
var _os_ver = pregmatch(pattern: "^SUSE([\d.]+)", string:os_release);
if (isnull(_os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');
_os_ver = _os_ver[1];
if (os_release !~ "^(SUSE15\.4)$") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.4', os_release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + _os_ver, cpu);

var pkgs = [
    {'reference':'chromedriver-112.0.5615.165-bp154.2.84.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'chromedriver-112.0.5615.165-bp154.2.84.1', 'cpu':'x86_64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'chromium-112.0.5615.165-bp154.2.84.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'chromium-112.0.5615.165-bp154.2.84.1', 'cpu':'x86_64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var _cpu = NULL;
  var rpm_spec_vers_cmp = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (reference && _release) {
    if (rpm_check(release:_release, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromedriver / chromium');
}
VendorProductVersionCPE
novellopensusechromiump-cpe:/a:novell:opensuse:chromium
novellopensusechromedriverp-cpe:/a:novell:opensuse:chromedriver
novellopensuse15.4cpe:/o:novell:opensuse:15.4

Related

nessus 15
debian 1
osv 2
chrome 1
freebsd 1
openvas 15
kaspersky 4
fedora 6
veracode 5
cve 5
cnvd 5
cvelist 5
debiancve 5
prion 5
ubuntucve 5
alpinelinux 1
mscve 5
attackerkb 1
cisa_kev 1
malwarebytes 2
mageia 1
thn 9
avleonov 1
gentoo 1
securelist 1
nessus
nessus
Google Chrome < 112.0.5615.137 Multiple Vulnerabilities
2023-04-19 00:00:00
Debian DSA-5393-1 : chromium - security update
2023-04-25 00:00:00
FreeBSD : chromium -- multiple vulnerabilities (90c48c04-d549-4fc0-a503-4775e32d438e)
2023-04-20 00:00:00
debian
debian
[SECURITY] [DSA 5393-1] chromium security update
2023-04-22 16:14:10
osv
osv
chromium - security update
2023-04-22 00:00:00
Integer overflow in SkSLVMCodeGenerator
2023-07-01 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2023-04-18 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2023-04-20 00:00:00
openvas
openvas
Google Chrome Security Updates (stable-channel-update-for-desktop_18-2023-04) - Mac OS X
2023-04-20 00:00:00
openSUSE: Security Advisory for chromium (openSUSE-SU-2023:0093-1)
2024-03-04 00:00:00
Google Chrome Security Updates (stable-channel-update-for-desktop_18-2023-04) - Linux
2023-04-20 00:00:00
kaspersky
kaspersky
KLA48975 Multiple vulnerabilities in Google Chrome
2023-04-18 00:00:00
KLA49015 Multiple vulnerabilities in Microsoft Browser
2023-04-20 00:00:00
KLA49064 Multiple vulnerabilities in Opera
2023-04-26 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: chromium-112.0.5615.165-1.fc37
2023-04-27 00:36:56
[SECURITY] Fedora 38 Update: chromium-112.0.5615.165-1.fc38
2023-05-02 00:56:52
[SECURITY] Fedora 36 Update: chromium-112.0.5615.165-1.fc36
2023-04-26 01:53:41
veracode
veracode
Denial Of Services (DoS)
2023-04-29 10:09:02
Denial Of Services (DoS)
2023-04-29 10:09:08
Denial Of Services (DoS)
2023-04-29 10:09:00
cve
cve
CVE-2023-2133
2023-04-19 04:15:31
CVE-2023-2135
2023-04-19 04:15:31
CVE-2023-2134
2023-04-19 04:15:31
cnvd
cnvd
Google Chrome Memory Misreference Vulnerability
2023-04-23 00:00:00
Google Chrome Buffer Overflow Vulnerability (CNVD-2023-43885)
2023-04-21 00:00:00
Google Chrome Code Execution Vulnerability (CNVD-2023-67083)
2023-04-23 00:00:00
cvelist
cvelist
CVE-2023-2135
2023-04-19 03:40:26
CVE-2023-2133
2023-04-19 03:40:25
CVE-2023-2134
2023-04-19 03:40:26
debiancve
debiancve
CVE-2023-2133
2023-04-19 04:15:31
CVE-2023-2134
2023-04-19 04:15:31
CVE-2023-2137
2023-04-19 04:15:31
prion
prion
Design/Logic Flaw
2023-04-19 04:15:00
Design/Logic Flaw
2023-04-19 04:15:00
Heap overflow
2023-04-19 04:15:00
ubuntucve
ubuntucve
CVE-2023-2135
2023-04-19 00:00:00
CVE-2023-2133
2023-04-19 00:00:00
CVE-2023-2134
2023-04-19 00:00:00
alpinelinux
alpinelinux
CVE-2023-2137
2023-04-19 04:15:31
mscve
mscve
Chromium: CVE-2023-2133 Out of bounds memory access in Service Worker API
2023-04-20 07:00:00
Chromium: CVE-2023-2134 Out of bounds memory access in Service Worker API
2023-04-20 07:00:00
Chromium: CVE-2023-2135 Use after free in DevTools
2023-04-20 07:00:00
attackerkb
attackerkb
CVE-2023-2136
2023-04-19 00:00:00
cisa_kev
cisa_kev
Google Chrome Skia Integer Overflow Vulnerability
2023-04-21 00:00:00
malwarebytes
malwarebytes
Update now, there's a Chrome zero-day in the wild
2023-04-21 03:15:00
Update Android now! Google patches three actively exploited zero-days
2023-07-06 01:00:00
mageia
mageia
Updated sqlite3 packages fix security vulnerabilities
2024-03-20 06:35:18
thn
thn
Google Chrome Hit by Second Zero-Day Attack - Urgent Patch Update Released
2023-04-19 13:47:00
CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug
2023-04-22 06:00:00
Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability - Update Now!
2023-06-06 10:21:00
avleonov
avleonov
Microsoft Patch Tuesday May 2023: Microsoft Edge, BlackLotus Secure Boot SFB, OLE RCE, Win32k EoP, NFS RCE, PGM RCE, LDAP RCE, SharePoint RCE
2023-05-27 22:39:14
gentoo
gentoo
Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
2023-09-30 00:00:00
securelist
securelist
IT threat evolution in Q2 2023. Non-mobile statistics
2023-08-30 10:00:41
JSON
Related for OPENSUSE-2023-0093-1.NASL
nessus15debian1osv2chrome1freebsd1openvas15kaspersky4fedora6veracode5cve5cnvd5cvelist5debiancve5prion5ubuntucve5alpinelinux1mscve5attackerkb1cisa_kev1malwarebytes2mageia1thn9avleonov1gentoo1securelist1