Lucene search
SuseOPENSUSE-SU-2022:10177-1HistoryOct 31, 2022 - 12:00 a.m.
Security update for chromium (important)
2022-10-3100:00:00
lists.opensuse.org
9
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
An update that fixes 11 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Chromium 107.0.5304.87 (boo#1204819)
- CVE-2022-3723: Type Confusion in V8
Chromium 107.0.5304.68 (boo#1204732)
- CVE-2022-3652: Type Confusion in V8
- CVE-2022-3653: Heap buffer overflow in Vulkan
- CVE-2022-3654: Use after free in Layout
- CVE-2022-3655: Heap buffer overflow in Media Galleries
- CVE-2022-3656: Insufficient data validation in File System
- CVE-2022-3657: Use after free in Extensions
- CVE-2022-3658: Use after free in Feedback service on Chrome OS
- CVE-2022-3659: Use after free in Accessibility
- CVE-2022-3660: Inappropriate implementation in Full screen mode
- CVE-2022-3661: Insufficient data validation in Extensions
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or โzypper patchโ.
Alternatively you can run the command listed for your product:
-
openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10177=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Backports SLE | 15-SP3 | aarch64 | - opensuse backports sle | <ย 15-SP3 (aarch64 x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 x86_64):.aarch64.rpm |
| openSUSE Backports SLE | 15-SP3 | x86_64 | - opensuse backports sle | <ย 15-SP3 (aarch64 x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 x86_64):.x86_64.rpm |
Related
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerabilities
2022-11-13 05:25:20
suse
suse
Security update for chromium (important)
2022-10-31 00:00:00
nessus
nessus
openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10177-1)
2022-11-01 00:00:00
Google Chrome < 107.0.5304.62 Multiple Vulnerabilities
2022-10-25 00:00:00
Google Chrome < 107.0.5304.62 Multiple Vulnerabilities
2022-10-25 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0419)
2022-11-14 00:00:00
Microsoft Edge (Chromium-Based) Multiple Vulnerabilities (Nov 2022)
2022-11-10 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2022-10-25 00:00:00
chromium -- Type confusion in V8
2022-10-27 00:00:00
debian
debian
[SECURITY] [DSA 5261-1] chromium security update
2022-10-26 18:26:49
[SECURITY] [DSA 5263-1] chromium security update
2022-10-29 20:36:13
kaspersky
kaspersky
KLA20019 Multiple vulnerabilities in Microsoft Browser
2022-10-27 00:00:00
KLA20017 Multiple vulnerabilities in Google Chrome
2022-10-25 00:00:00
KLA20018 DoS vulnerability in Google Chrome
2022-10-27 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2022-10-25 00:00:00
Stable Channel Update for Desktop
2022-10-27 00:00:00
osv
osv
chromium - security update
2022-10-26 00:00:00
chromium - security update
2022-10-29 00:00:00
cnvd
cnvd
Google Chrome V8 Code Execution Vulnerability (CNVD-2022-85092)
2022-10-31 00:00:00
Google Chrome Security Bypass Vulnerability (CNVD-2022-85089)
2022-10-27 00:00:00
Google Chrome Extensions Code Execution Vulnerability
2022-10-27 00:00:00
qualysblog
qualysblog
Donโt spend another weekend patching Chrome
2022-10-28 22:07:37
Chrome Zero Day โ Just Before the Weekend (again)
2022-10-28 19:40:19
Donโt Spend Your Holiday Season Patching Chrome
2022-11-29 18:26:11
cisa_kev
cisa_kev
Google Chromium V8 Type Confusion Vulnerability
2022-10-28 00:00:00
mscve
mscve
Chromium: CVE-2022-3723 Type Confusion in V8
2022-10-31 19:31:11
Chromium: CVE-2022-3661 Insufficient data validation in Extensions
2022-10-27 18:06:07
Chromium: CVE-2022-3654 Use after free in Layout
2022-10-27 18:05:40
cve
cve
prion
prion
Type confusion
2022-11-01 23:15:00
Design/Logic Flaw
2022-11-01 23:15:00
Design/Logic Flaw
2022-11-01 23:15:00
attackerkb
attackerkb
CVE-2022-3723
2022-11-01 00:00:00
malwarebytes
malwarebytes
A Chrome fix for an in-the-wild exploit is outโCheck your version
2022-10-28 21:45:00
ubuntucve
ubuntucve
debiancve
debiancve
veracode
veracode
Type Confusion
2022-11-16 15:53:26
Use After Free
2022-11-17 00:54:26
Information Disclosure
2022-11-17 00:51:25
hivepro
hivepro
Google Chromeโs seventh zero-day of 2022
2022-11-01 05:21:34
Actors, Threats and Vulnerabilities 16 January 2023 โ 22 January 2023
2023-01-25 03:14:57
altlinux
altlinux
thn
thn
impervablog
impervablog
githubexploit
githubexploit
Exploit for Improper Input Validation in Google Chrome
2023-01-13 03:26:14
github
github
Getting RCE in Chrome with incorrect side effect in the JIT compiler
2023-09-26 15:00:54
avleonov
avleonov
gentoo
gentoo
Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
2023-05-03 00:00:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Related for OPENSUSE-SU-2022:10177-1