Lucene search

Gentoo FoundationMGASA-2024-0194

HistoryMay 26, 2024 - 2:39 a.m.

Updated chromium-browser-stable packages fix security vulnerabilities

2024-05-2602:39:14

Gentoo Foundation

advisories.mageia.org

chromium

security fixes

scheduling

type confusion

heap buffer overflow

unix

x86_64

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.3

Confidence

High

EPSS

Percentile

15.5%

JSON

The chromium-browser-stable package has been updated to the 125.0.6422.76 release. It includes 6 security fixes Please, do note, that since some versions ago, only x86_64 is supported. i586 support for linux was stopped some years ago and the community is not able to provide patches anymore for the latest Chromium code… High CVE-2024-5157: Use after free in Scheduling. High CVE-2024-5158: Type Confusion in V8. High CVE-2024-5159: Heap buffer overflow in ANGLE. High CVE-2024-5160: Heap buffer overflow in Dawn.

OSVersionArchitecturePackageVersionFilename
Mageia9noarchchromium-browser-stable< 125.0.6422.76-1chromium-browser-stable-125.0.6422.76-1.mga9.tainted

OS	Version	Architecture	Package	Version	Filename
Mageia	9	noarch	chromium-browser-stable	< 125.0.6422.76-1	chromium-browser-stable-125.0.6422.76-1.mga9.tainted

References

bugs.mageia.org/show_bug.cgi?id=33231

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.3

Confidence

High

EPSS

Percentile

15.5%

JSON

Related for MGASA-2024-0194