An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Chromium is an open source web browser, powered by WebKit (Blink).
This update upgrades Chromium to version 79.0.3945.79.
Security Fix(es) :
chromium-browser: Use after free in Bluetooth (CVE-2019-13725)
chromium-browser: Heap buffer overflow in password manager (CVE-2019-13726)
chromium-browser: Insufficient policy enforcement in WebSockets (CVE-2019-13727)
chromium-browser: Out of bounds write in V8 (CVE-2019-13728)
chromium-browser: Use after free in WebSockets (CVE-2019-13729)
chromium-browser: Type Confusion in V8 (CVE-2019-13730)
chromium-browser: Use after free in WebAudio (CVE-2019-13732)
chromium-browser: Out of bounds write in SQLite (CVE-2019-13734)
chromium-browser: Out of bounds write in V8 (CVE-2019-13735)
chromium-browser: Type Confusion in V8 (CVE-2019-13764)
chromium-browser: Integer overflow in PDFium (CVE-2019-13736)
chromium-browser: Insufficient policy enforcement in autocomplete (CVE-2019-13737)
chromium-browser: Insufficient policy enforcement in navigation (CVE-2019-13738)
chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13739)
chromium-browser: Incorrect security UI in sharing (CVE-2019-13740)
chromium-browser: Insufficient validation of untrusted input in Blink (CVE-2019-13741)
chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13742)
chromium-browser: Incorrect security UI in external protocol handling (CVE-2019-13743)
chromium-browser: Insufficient policy enforcement in cookies (CVE-2019-13744)
chromium-browser: Insufficient policy enforcement in audio (CVE-2019-13745)
chromium-browser: Insufficient policy enforcement in Omnibox (CVE-2019-13746)
chromium-browser: Uninitialized Use in rendering (CVE-2019-13747)
chromium-browser: Insufficient policy enforcement in developer tools (CVE-2019-13748)
chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13749)
chromium-browser: Insufficient data validation in SQLite (CVE-2019-13750)
chromium-browser: Uninitialized Use in SQLite (CVE-2019-13751)
chromium-browser: Out of bounds read in SQLite (CVE-2019-13752)
chromium-browser: Out of bounds read in SQLite (CVE-2019-13753)
chromium-browser: Insufficient policy enforcement in extensions (CVE-2019-13754)
chromium-browser: Insufficient policy enforcement in extensions (CVE-2019-13755)
chromium-browser: Incorrect security UI in printing (CVE-2019-13756)
chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13757)
chromium-browser: Insufficient policy enforcement in navigation (CVE-2019-13758)
chromium-browser: Incorrect security UI in interstitials (CVE-2019-13759)
chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13761)
chromium-browser: Insufficient policy enforcement in downloads (CVE-2019-13762)
chromium-browser: Insufficient policy enforcement in payments (CVE-2019-13763)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2019:4238. The text
# itself is copyright (C) Red Hat, Inc.
#
include('compat.inc');
if (description)
{
script_id(132228);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/03");
script_cve_id(
"CVE-2019-13725",
"CVE-2019-13726",
"CVE-2019-13727",
"CVE-2019-13728",
"CVE-2019-13729",
"CVE-2019-13730",
"CVE-2019-13732",
"CVE-2019-13734",
"CVE-2019-13735",
"CVE-2019-13736",
"CVE-2019-13737",
"CVE-2019-13738",
"CVE-2019-13739",
"CVE-2019-13740",
"CVE-2019-13741",
"CVE-2019-13742",
"CVE-2019-13743",
"CVE-2019-13744",
"CVE-2019-13745",
"CVE-2019-13746",
"CVE-2019-13747",
"CVE-2019-13748",
"CVE-2019-13749",
"CVE-2019-13750",
"CVE-2019-13751",
"CVE-2019-13752",
"CVE-2019-13753",
"CVE-2019-13754",
"CVE-2019-13755",
"CVE-2019-13756",
"CVE-2019-13757",
"CVE-2019-13758",
"CVE-2019-13759",
"CVE-2019-13761",
"CVE-2019-13762",
"CVE-2019-13763",
"CVE-2019-13764"
);
script_xref(name:"RHSA", value:"2019:4238");
script_name(english:"RHEL 6 : chromium-browser (RHSA-2019:4238)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"An update for chromium-browser is now available for Red Hat Enterprise
Linux 6 Supplementary.
Red Hat Product Security has rated this update as having a security
impact of Critical. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.
Chromium is an open source web browser, powered by WebKit (Blink).
This update upgrades Chromium to version 79.0.3945.79.
Security Fix(es) :
* chromium-browser: Use after free in Bluetooth (CVE-2019-13725)
* chromium-browser: Heap buffer overflow in password manager
(CVE-2019-13726)
* chromium-browser: Insufficient policy enforcement in WebSockets
(CVE-2019-13727)
* chromium-browser: Out of bounds write in V8 (CVE-2019-13728)
* chromium-browser: Use after free in WebSockets (CVE-2019-13729)
* chromium-browser: Type Confusion in V8 (CVE-2019-13730)
* chromium-browser: Use after free in WebAudio (CVE-2019-13732)
* chromium-browser: Out of bounds write in SQLite (CVE-2019-13734)
* chromium-browser: Out of bounds write in V8 (CVE-2019-13735)
* chromium-browser: Type Confusion in V8 (CVE-2019-13764)
* chromium-browser: Integer overflow in PDFium (CVE-2019-13736)
* chromium-browser: Insufficient policy enforcement in autocomplete
(CVE-2019-13737)
* chromium-browser: Insufficient policy enforcement in navigation
(CVE-2019-13738)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13739)
* chromium-browser: Incorrect security UI in sharing (CVE-2019-13740)
* chromium-browser: Insufficient validation of untrusted input in
Blink (CVE-2019-13741)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13742)
* chromium-browser: Incorrect security UI in external protocol
handling (CVE-2019-13743)
* chromium-browser: Insufficient policy enforcement in cookies
(CVE-2019-13744)
* chromium-browser: Insufficient policy enforcement in audio
(CVE-2019-13745)
* chromium-browser: Insufficient policy enforcement in Omnibox
(CVE-2019-13746)
* chromium-browser: Uninitialized Use in rendering (CVE-2019-13747)
* chromium-browser: Insufficient policy enforcement in developer tools
(CVE-2019-13748)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13749)
* chromium-browser: Insufficient data validation in SQLite
(CVE-2019-13750)
* chromium-browser: Uninitialized Use in SQLite (CVE-2019-13751)
* chromium-browser: Out of bounds read in SQLite (CVE-2019-13752)
* chromium-browser: Out of bounds read in SQLite (CVE-2019-13753)
* chromium-browser: Insufficient policy enforcement in extensions
(CVE-2019-13754)
* chromium-browser: Insufficient policy enforcement in extensions
(CVE-2019-13755)
* chromium-browser: Incorrect security UI in printing (CVE-2019-13756)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13757)
* chromium-browser: Insufficient policy enforcement in navigation
(CVE-2019-13758)
* chromium-browser: Incorrect security UI in interstitials
(CVE-2019-13759)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13761)
* chromium-browser: Insufficient policy enforcement in downloads
(CVE-2019-13762)
* chromium-browser: Insufficient policy enforcement in payments
(CVE-2019-13763)
For more details about the security issue(s), including the impact, a
CVSS score, acknowledgments, and other related information, refer to
the CVE page(s) listed in the References section.");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:4238");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13725");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13726");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13727");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13728");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13729");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13730");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13732");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13734");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13735");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13736");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13737");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13738");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13739");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13740");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13741");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13742");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13743");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13744");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13745");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13746");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13747");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13748");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13749");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13750");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13751");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13752");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13753");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13754");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13755");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13756");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13757");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13758");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13759");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13761");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13762");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13763");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-13764");
script_set_attribute(attribute:"solution", value:
"Update the affected chromium-browser and / or
chromium-browser-debuginfo packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-13764");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/12/10");
script_set_attribute(attribute:"patch_publication_date", value:"2019/12/16");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/18");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:chromium-browser");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
rhsa = "RHSA-2019:4238";
yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
if (!empty_or_null(yum_report))
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : yum_report
);
exit(0);
}
else
{
audit_message = "affected by Red Hat security advisory " + rhsa;
audit(AUDIT_OS_NOT, audit_message);
}
}
else
{
flag = 0;
if (rpm_check(release:"RHEL6", cpu:"i686", reference:"chromium-browser-79.0.3945.79-1.el6_10", allowmaj:TRUE)) flag++;
if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"chromium-browser-79.0.3945.79-1.el6_10", allowmaj:TRUE)) flag++;
if (rpm_check(release:"RHEL6", cpu:"i686", reference:"chromium-browser-debuginfo-79.0.3945.79-1.el6_10", allowmaj:TRUE)) flag++;
if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"chromium-browser-debuginfo-79.0.3945.79-1.el6_10", allowmaj:TRUE)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get() + redhat_report_package_caveat()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "chromium-browser / chromium-browser-debuginfo");
}
}
Vendor | Product | Version | CPE |
---|---|---|---|
redhat | enterprise_linux | chromium-browser | p-cpe:/a:redhat:enterprise_linux:chromium-browser |
redhat | enterprise_linux | chromium-browser-debuginfo | p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo |
redhat | enterprise_linux | 6 | cpe:/o:redhat:enterprise_linux:6 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13725
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13726
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13727
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13728
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13729
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13730
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13732
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13734
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13735
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13736
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13737
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13738
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13739
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13740
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13741
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13742
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13743
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13744
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13745
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13746
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13747
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13748
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13749
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13750
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13751
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13752
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13753
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13754
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13755
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13756
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13757
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13758
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13759
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13761
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13762
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13763
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13764
access.redhat.com/errata/RHSA-2019:4238
access.redhat.com/security/cve/cve-2019-13725
access.redhat.com/security/cve/cve-2019-13726
access.redhat.com/security/cve/cve-2019-13727
access.redhat.com/security/cve/cve-2019-13728
access.redhat.com/security/cve/cve-2019-13729
access.redhat.com/security/cve/cve-2019-13730
access.redhat.com/security/cve/cve-2019-13732
access.redhat.com/security/cve/cve-2019-13734
access.redhat.com/security/cve/cve-2019-13735
access.redhat.com/security/cve/cve-2019-13736
access.redhat.com/security/cve/cve-2019-13737
access.redhat.com/security/cve/cve-2019-13738
access.redhat.com/security/cve/cve-2019-13739
access.redhat.com/security/cve/cve-2019-13740
access.redhat.com/security/cve/cve-2019-13741
access.redhat.com/security/cve/cve-2019-13742
access.redhat.com/security/cve/cve-2019-13743
access.redhat.com/security/cve/cve-2019-13744
access.redhat.com/security/cve/cve-2019-13745
access.redhat.com/security/cve/cve-2019-13746
access.redhat.com/security/cve/cve-2019-13747
access.redhat.com/security/cve/cve-2019-13748
access.redhat.com/security/cve/cve-2019-13749
access.redhat.com/security/cve/cve-2019-13750
access.redhat.com/security/cve/cve-2019-13751
access.redhat.com/security/cve/cve-2019-13752
access.redhat.com/security/cve/cve-2019-13753
access.redhat.com/security/cve/cve-2019-13754
access.redhat.com/security/cve/cve-2019-13755
access.redhat.com/security/cve/cve-2019-13756
access.redhat.com/security/cve/cve-2019-13757
access.redhat.com/security/cve/cve-2019-13758
access.redhat.com/security/cve/cve-2019-13759
access.redhat.com/security/cve/cve-2019-13761
access.redhat.com/security/cve/cve-2019-13762
access.redhat.com/security/cve/cve-2019-13763
access.redhat.com/security/cve/cve-2019-13764