Category Archives: Advisories

chromium-125.0.6422.76-1.el7

Read Time:30 Second

FEDORA-EPEL-2024-46d6266ef3

Packages in this update:

chromium-125.0.6422.76-1.el7

Update description:

update to 125.0.6422.76

High CVE-2024-5157: Use after free in Scheduling
High CVE-2024-5158: Type Confusion in V8
High CVE-2024-5159: Heap buffer overflow in ANGLE
High CVE-2024-5160: Heap buffer overflow in Dawn

update to 125.0.6422.60

High CVE-2024-4947: Type Confusion in V8
High CVE-2024-4948: Use after free in Dawn
Medium CVE-2024-4949: Use after free in V8
Low CVE-2024-4950: Inappropriate implementation in Downloads

Read More

chromium-125.0.6422.76-1.el8

Read Time:49 Second

FEDORA-EPEL-2024-1a95b76e46

Packages in this update:

chromium-125.0.6422.76-1.el8

Update description:

update to 125.0.6422.76

High CVE-2024-5157: Use after free in Scheduling
High CVE-2024-5158: Type Confusion in V8
High CVE-2024-5159: Heap buffer overflow in ANGLE
High CVE-2024-5160: Heap buffer overflow in Dawn

update to 125.0.6422.60

High CVE-2024-4947: Type Confusion in V8
High CVE-2024-4948: Use after free in Dawn
Medium CVE-2024-4949: Use after free in V8
Low CVE-2024-4950: Inappropriate implementation in Downloads

update to 124.0.6367.201

* High CVE-2024-4671: Use after free in Visuals

update to 124.0.6367.155

High CVE-2024-4558: Use after free in ANGLE
High CVE-2024-4559: Heap buffer overflow in WebAudio

update to 124.0.6367.118

High CVE-2024-4331: Use after free in Picture In Picture
High CVE-2024-4368: Use after free in Dawn

Read More

chromium-125.0.6422.76-1.el9

Read Time:1 Minute, 50 Second

FEDORA-EPEL-2024-3184c14a07

Packages in this update:

chromium-125.0.6422.76-1.el9

Update description:

update to 125.0.6422.76

High CVE-2024-5157: Use after free in Scheduling
High CVE-2024-5158: Type Confusion in V8
High CVE-2024-5159: Heap buffer overflow in ANGLE
High CVE-2024-5160: Heap buffer overflow in Dawn

update to 125.0.6422.60

High CVE-2024-4947: Type Confusion in V8
High CVE-2024-4948: Use after free in Dawn
Medium CVE-2024-4949: Use after free in V8
Low CVE-2024-4950: Inappropriate implementation in Downloads

update to 124.0.6367.201

* High CVE-2024-4671: Use after free in Visuals

update to 124.0.6367.155

High CVE-2024-4558: Use after free in ANGLE
High CVE-2024-4559: Heap buffer overflow in WebAudio

update to 124.0.6367.118

* High CVE-2024-4331: Use after free in Picture In Picture
* High CVE-2024-4368: Use after free in Dawn

update to 124.0.6367.91

update to 124.0.6367.78

* Critical CVE-2024-4058: Type Confusion in ANGLE
* High CVE-2024-4059: Out of bounds read in V8 API
* High CVE-2024-4060: Use after free in Dawn

update to 124.0.6367.60

High CVE-2024-3832: Object corruption in V8
High CVE-2024-3833: Object corruption in WebAssembly
High CVE-2024-3914: Use after free in V8
High CVE-2024-3834: Use after free in Downloads
Medium CVE-2024-3837: Use after free in QUIC
Medium CVE-2024-3838: Inappropriate implementation in Autofill
Medium CVE-2024-3839: Out of bounds read in Fonts
Medium CVE-2024-3840: Insufficient policy enforcement in Site Isolation
Medium CVE-2024-3841: Insufficient data validation in Browser Switcher
Medium CVE-2024-3843: Insufficient data validation in Downloads
Low CVE-2024-3844: Inappropriate implementation in Extensions
Low CVE-2024-3845: Inappropriate implementation in Network
Low CVE-2024-3846: Inappropriate implementation in Prompts
Low CVE-2024-3847: Insufficient policy enforcement in WebUI

update to 123.0.6312.122

High CVE-2024-3157: Out of bounds write in Compositing
High CVE-2024-3516: Heap buffer overflow in ANGLE
High CVE-2024-3515: Use after free in Dawn

Read More

USN-6777-4: Linux kernel (HWE) vulnerabilities

Read Time:48 Second

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux
kernel contained a race condition during device removal, leading to a use-
after-free vulnerability. A physically proximate attacker could possibly
use this to cause a denial of service (system crash). (CVE-2023-47233)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Block layer subsystem;
– Userspace I/O drivers;
– Ceph distributed file system;
– Ext4 file system;
– JFS file system;
– NILFS2 file system;
– Bluetooth subsystem;
– Networking core;
– IPv4 networking;
– IPv6 networking;
– Logical Link layer;
– MAC80211 subsystem;
– Netlink;
– NFC subsystem;
– Tomoyo security module;
(CVE-2023-52524, CVE-2023-52530, CVE-2023-52601, CVE-2023-52439,
CVE-2024-26635, CVE-2023-52602, CVE-2024-26614, CVE-2024-26704,
CVE-2023-52604, CVE-2023-52566, CVE-2021-46981, CVE-2024-26622,
CVE-2024-26735, CVE-2024-26805, CVE-2024-26801, CVE-2023-52583)

Read More

USN-6736-2: klibc vulnerabilities

Read Time:39 Second

USN-6736-1 fixed vulnerabilities in klibc. This update provides the
corresponding updates for Ubuntu 24.04 LTS.

Original advisory details:

It was discovered that zlib, vendored in klibc, incorrectly handled pointer
arithmetic. An attacker could use this issue to cause klibc to crash or to
possibly execute arbitrary code. (CVE-2016-9840, CVE-2016-9841)

Danilo Ramos discovered that zlib, vendored in klibc, incorrectly handled
memory when performing certain deflating operations. An attacker could use
this issue to cause klibc to crash or to possibly execute arbitrary code.
(CVE-2018-25032)

Evgeny Legerov discovered that zlib, vendored in klibc, incorrectly handled
memory when performing certain inflate operations. An attacker could use
this issue to cause klibc to crash or to possibly execute arbitrary code.
(CVE-2022-37434)

Read More

USN-6663-3: OpenSSL update

Read Time:17 Second

USN-6663-1 provided a security update for OpenSSL.
This update provides the corresponding update for
Ubuntu 24.04 LTS.

Original advisory details:

As a security improvement, OpenSSL will now
return deterministic random bytes instead of an error
when detecting wrong padding in PKCS#1 v1.5 RSA
to prevent its use in possible Bleichenbacher timing attacks.

Read More

ZDI-24-503: (Pwn2Own) TP-Link Omada ER605 Reliance on Security Through Obscurity Vulnerability

Read Time:18 Second

This vulnerability allows network-adjacent attackers to access or spoof DDNS messages on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The ZDI has assigned a CVSS rating of 5.0. The following CVEs are assigned: CVE-2024-5244.

Read More

ZDI-24-502: (Pwn2Own) TP-Link Omada ER605 Buffer Overflow Remote Code Execution Vulnerability

Read Time:18 Second

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-5243.

Read More

ZDI-24-501: (Pwn2Own) TP-Link Omada ER605 Stack-based Buffer Overflow Remote Code Execution Vulnerability

Read Time:18 Second

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-5242.

Read More