Lucene search
SuseOPENSUSE-SU-2022:10099-1HistoryAug 25, 2022 - 12:00 a.m.
Security update for chromium (important)
2022-08-2500:00:00
lists.opensuse.org
22
chromium
vulnerabilities
update
opensuse
installation
patch
security
cve-2022-2852
cve-2022-2853
cve-2022-2854
cve-2022-2855
cve-2022-2856
cve-2022-2857
cve-2022-2858
cve-2022-2859
cve-2022-2860
cve-2022-2861
sandbox
EPSS
0.045
Percentile
92.5%
An update that fixes 10 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Chromium 104.0.5112.101 (boo#1202509):
- CVE-2022-2852: Use after free in FedCM
- CVE-2022-2854: Use after free in SwiftShader
- CVE-2022-2855: Use after free in ANGLE
- CVE-2022-2857: Use after free in Blink
- CVE-2022-2858: Use after free in Sign-In Flow
- CVE-2022-2853: Heap buffer overflow in Downloads
- CVE-2022-2856: Insufficient validation of untrusted input in Intents
- CVE-2022-2859: Use after free in Chrome OS Shell
- CVE-2022-2860: Insufficient policy enforcement in Cookies
- CVE-2022-2861: Inappropriate implementation in Extensions API
- Re-enable our version of chrome-wrapper
- Set no sandbox if root is being used (https://crbug.com/638180)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10099=1
-
openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10099=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Backports SLE | 15-SP4 | aarch64 | - opensuse backports sle | < 15-SP4 (aarch64 x86_64): | - openSUSE Backports SLE-15-SP4 (aarch64 x86_64):.aarch64.rpm |
| openSUSE Backports SLE | 15-SP4 | x86_64 | - opensuse backports sle | < 15-SP4 (aarch64 x86_64): | - openSUSE Backports SLE-15-SP4 (aarch64 x86_64):.x86_64.rpm |
| openSUSE Backports SLE | 15-SP3 | aarch64 | - opensuse backports sle | < 15-SP3 (aarch64 x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 x86_64):.aarch64.rpm |
| openSUSE Backports SLE | 15-SP3 | x86_64 | - opensuse backports sle | < 15-SP3 (aarch64 x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 x86_64):.x86_64.rpm |
Related
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0307)
2022-08-26 00:00:00
openSUSE: Security Advisory for opera (openSUSE-SU-2022:10109-1)
2024-03-04 00:00:00
suse
suse
Security update for opera (important)
2022-08-29 00:00:00
Security update for opera (important)
2022-08-29 00:00:00
nessus
nessus
FreeBSD : chromium -- multiple vulnerabilities (f12368a8-1e05-11ed-a1ef-3065ec8fd3ec)
2022-08-17 00:00:00
Debian DSA-5212-1 : chromium - security update
2022-08-18 00:00:00
openSUSE 15 Security Update : opera (openSUSE-SU-2022:10109-1)
2022-08-30 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerability
2022-08-26 00:21:07
kaspersky
kaspersky
KLA15725 Multiple vulnerabilities in Opera
2022-08-23 00:00:00
KLA15722 Multiple vulnerabilities in Google Chrome
2022-08-16 00:00:00
KLA15724 Multiple vulnerabilities in Microsoft Browser
2022-08-19 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2022-08-16 00:00:00
debian
debian
[SECURITY] [DSA 5212-1] chromium security update
2022-08-17 22:57:57
osv
osv
chromium - security update
2022-08-18 00:00:00
CVE-2022-2859
2022-09-26 16:15:11
CVE-2022-2858
2022-09-26 16:15:11
chrome
chrome
Stable Channel Update for Desktop
2022-08-16 00:00:00
Stable Channel Update for ChromeOS
2022-09-07 00:00:00
malwarebytes
malwarebytes
Update Chrome now! Google issues patch for zero day spotted in the wild
2022-08-17 11:00:00
Zero-day puts a dent in Chrome's mojo
2022-09-05 16:30:00
cvelist
cvelist
ubuntucve
ubuntucve
debiancve
debiancve
cve
cve
prion
prion
Design/Logic Flaw
2022-09-26 16:15:00
Design/Logic Flaw
2022-09-26 16:15:00
Design/Logic Flaw
2022-09-26 16:15:00
veracode
veracode
Use-After-Free
2022-09-01 10:42:51
Heap Buffer Overflow
2022-09-01 10:47:23
Denial Of Service (DoS)
2022-09-01 10:46:12
nvd
nvd
mscve
mscve
Chromium: CVE-2022-2854 Use after free in SwiftShader
2022-08-19 07:00:00
Chromium: CVE-2022-2861 Inappropriate implementation in Extensions API
2022-08-19 07:00:00
cnvd
cnvd
Google Chrome Intents security bypass vulnerability
2022-08-18 00:00:00
Google Chrome FedCM code execution vulnerability
2022-08-18 00:00:00
attackerkb
attackerkb
CVE-2022-2856
2022-09-26 00:00:00
vulnrichment
vulnrichment
CVE-2022-2856
2022-09-26 15:01:12
cisa_kev
cisa_kev
Google Chromium Intents Insufficient Input Validation Vulnerability
2022-08-18 00:00:00
hivepro
hivepro
Chrome’s zero-day flaw allows arbitrary code execution
2022-08-19 04:40:16
threatpost
threatpost
Google Patches Chrome’s Fifth Zero-Day of the Year
2022-08-18 14:31:38
gentoo
gentoo
Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
2022-08-21 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: chromium-105.0.5195.125-2.fc35
2022-10-05 01:05:03
[SECURITY] Fedora 36 Update: chromium-105.0.5195.125-2.fc36
2022-10-05 01:01:54
[SECURITY] Fedora 37 Update: chromium-105.0.5195.125-2.fc37
2022-10-03 00:22:01
thn
thn
New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild
2022-08-17 12:02:00
Google Releases Urgent Chrome Update to Patch New Zero-Day Vulnerability
2022-09-03 03:56:00
CISA Adds 7 New Actively Exploited Vulnerabilities to Catalog
2022-08-20 14:19:00
qualysblog
qualysblog
avleonov
avleonov