Executive Summary
| Summary | |
|---|---|
| Title | chromium-browser security update |
| Informations | |||
|---|---|---|---|
| Name | RHSA-2018:3803 | First vendor Publication | 2018-12-10 |
| Vendor | RedHat | Last vendor Modification | 2018-12-10 |
| Severity (Vendor) | N/A | Revision | 01 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 6.8 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Problem Description: An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: Chromium is an open-source web browser, powered by WebKit (Blink). This update upgrades Chromium to version 71.0.3578.80. Security Fix(es): * chromium-browser: Out of bounds write in V8 (CVE-2018-17480) * chromium-browser: Use after frees in PDFium (CVE-2018-17481) * chromium-browser: Heap buffer overflow in Skia (CVE-2018-18335) * chromium-browser: Use after free in PDFium (CVE-2018-18336) * chromium-browser: Use after free in Blink (CVE-2018-18337) * chromium-browser: Heap buffer overflow in Canvas (CVE-2018-18338) * chromium-browser: Use after free in WebAudio (CVE-2018-18339) * chromium-browser: Use after free in MediaRecorder (CVE-2018-18340) * chromium-browser: Heap buffer overflow in Blink (CVE-2018-18341) * chromium-browser: Out of bounds write in V8 (CVE-2018-18342) * chromium-browser: Use after free in Skia (CVE-2018-18343) * chromium-browser: Inappropriate implementation in Extensions (CVE-2018-18344) * chromium-browser: Inappropriate implementation in Site Isolation (CVE-2018-18345) * chromium-browser: Incorrect security UI in Blink (CVE-2018-18346) * chromium-browser: Inappropriate implementation in Navigation (CVE-2018-18347) * chromium-browser: Inappropriate implementation in Omnibox (CVE-2018-18348) * chromium-browser: Insufficient policy enforcement in Blink (CVE-2018-18349) * chromium-browser: Insufficient policy enforcement in Blink (CVE-2018-18350) * chromium-browser: Insufficient policy enforcement in Navigation (CVE-2018-18351) * chromium-browser: Inappropriate implementation in Media (CVE-2018-18352) * chromium-browser: Inappropriate implementation in Network Authentication (CVE-2018-18353) * chromium-browser: Insufficient data validation in Shell Integration (CVE-2018-18354) * chromium-browser: Insufficient policy enforcement in URL Formatter (CVE-2018-18355) * chromium-browser: Use after free in Skia (CVE-2018-18356) * chromium-browser: Insufficient policy enforcement in URL Formatter (CVE-2018-18357) * chromium-browser: Insufficient policy enforcement in Proxy (CVE-2018-18358) * chromium-browser: Out of bounds read in V8 (CVE-2018-18359) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, Chromium must be restarted for the changes to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1656547 - CVE-2018-17480 chromium-browser: Out of bounds write in V8 1656548 - CVE-2018-17481 chromium-browser: Use after frees in PDFium 1656549 - CVE-2018-18335 chromium-browser: Heap buffer overflow in Skia 1656550 - CVE-2018-18336 chromium-browser: Use after free in PDFium 1656551 - CVE-2018-18337 chromium-browser: Use after free in Blink 1656552 - CVE-2018-18338 chromium-browser: Heap buffer overflow in Canvas 1656553 - CVE-2018-18339 chromium-browser: Use after free in WebAudio 1656554 - CVE-2018-18340 chromium-browser: Use after free in MediaRecorder 1656555 - CVE-2018-18341 chromium-browser: Heap buffer overflow in Blink 1656556 - CVE-2018-18342 chromium-browser: Out of bounds write in V8 1656557 - CVE-2018-18343 chromium-browser: Use after free in Skia 1656558 - CVE-2018-18344 chromium-browser: Inappropriate implementation in Extensions 1656559 - CVE-2018-18345 chromium-browser: Inappropriate implementation in Site Isolation 1656560 - CVE-2018-18346 chromium-browser: Incorrect security UI in Blink 1656561 - CVE-2018-18347 chromium-browser: Inappropriate implementation in Navigation 1656562 - CVE-2018-18348 chromium-browser: Inappropriate implementation in Omnibox 1656563 - CVE-2018-18349 chromium-browser: Insufficient policy enforcement in Blink 1656564 - CVE-2018-18350 chromium-browser: Insufficient policy enforcement in Blink 1656565 - CVE-2018-18351 chromium-browser: Insufficient policy enforcement in Navigation 1656566 - CVE-2018-18352 chromium-browser: Inappropriate implementation in Media 1656567 - CVE-2018-18353 chromium-browser: Inappropriate implementation in Network Authentication 1656568 - CVE-2018-18354 chromium-browser: Insufficient data validation in Shell Integration 1656569 - CVE-2018-18355 chromium-browser: Insufficient policy enforcement in URL Formatter 1656570 - CVE-2018-18356 chromium-browser: Use after free in Skia 1656571 - CVE-2018-18357 chromium-browser: Insufficient policy enforcement in URL Formatter 1656572 - CVE-2018-18358 chromium-browser: Insufficient policy enforcement in Proxy 1656573 - CVE-2018-18359 chromium-browser: Out of bounds read in V8 |
Original Source
| Url : https://rhn.redhat.com/errata/RHSA-2018-3803.html |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 41 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
| 24 % | CWE-416 | Use After Free |
| 14 % | CWE-20 | Improper Input Validation |
| 7 % | CWE-732 | Incorrect Permission Assignment for Critical Resource (CWE/SANS Top 25) |
| 7 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
| 3 % | CWE-269 | Improper Privilege Management |
| 3 % | CWE-125 | Out-of-bounds Read |
CPE : Common Platform Enumeration
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2019-01-16 | Name : The remote Fedora host is missing a security update. File : fedora_2019-348547a32d.nasl - Type : ACT_GATHER_INFO |
| 2019-01-07 | Name : The remote Fedora host is missing a security update. File : fedora_2019-859384e002.nasl - Type : ACT_GATHER_INFO |
| 2019-01-07 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_546d4dd410ea11e9b407080027ef1a23.nasl - Type : ACT_GATHER_INFO |
| 2019-01-07 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_720590df10eb11e9b407080027ef1a23.nasl - Type : ACT_GATHER_INFO |
| 2018-12-14 | Name : A web browser installed on the remote Windows host is affected by a use after... File : google_chrome_71_0_3578_98.nasl - Type : ACT_GATHER_INFO |
| 2018-12-14 | Name : A web browser installed on the remote macOS host is affected by a use after f... File : macosx_google_chrome_71_0_3578_98.nasl - Type : ACT_GATHER_INFO |
| 2018-12-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-4352.nasl - Type : ACT_GATHER_INFO |
| 2018-12-10 | Name : A web browser installed on the remote Windows host is affected by multiple vu... File : google_chrome_71_0_3578_80.nasl - Type : ACT_GATHER_INFO |
| 2018-12-10 | Name : A web browser installed on the remote macOS host is affected by multiple vuln... File : macosx_google_chrome_71_0_3578_80.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2019-01-08 00:18:49 |
|
