Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title chromium-browser security update
Informations
Name RHSA-2020:0738 First vendor Publication 2020-03-09
Vendor RedHat Last vendor Modification 2020-03-09
Severity (Vendor) N/A Revision 01

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Overall CVSS Score 8.8
Base Score 8.8 Environmental Score 8.8
impact SubScore 5.9 Temporal Score 8.8
Exploitabality Sub Score 2.8
 
Attack Vector Network Attack Complexity Low
Privileges Required None User Interaction Required
Scope Unchanged Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score 6.8 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, i686, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - i686, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, i686, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, i686, x86_64

3. Description:

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 80.0.3987.122.

Security Fix(es):

* ICU: Integer overflow in UnicodeString::doAppend() (BZ#1807349)

* chromium-browser: Type confusion in V8 (CVE-2020-6383)

* chromium-browser: Use after free in WebAudio (CVE-2020-6384)

* chromium-browser: Use after free in speech (CVE-2020-6386)

* chromium-browser: Out of bounds memory access in streams (CVE-2020-6407)

* chromium-browser: Type confusion in V8 (CVE-2020-6418)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Chromium must be restarted for the changes to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1807343 - CVE-2020-6418 chromium-browser: Type confusion in V8 1807349 - ICU: Integer overflow in UnicodeString::doAppend() 1807381 - CVE-2020-6407 chromium-browser: Out of bounds memory access in streams 1807498 - CVE-2020-6383 chromium-browser: Type confusion in V8 1807499 - CVE-2020-6384 chromium-browser: Use after free in WebAudio 1807500 - CVE-2020-6386 chromium-browser: Use after free in speech

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2020-0738.html

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-416 Use After Free
25 % CWE-787 Out-of-bounds Write (CWE/SANS Top 25)
25 % CWE-190 Integer Overflow or Wraparound (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application