Bug 1193519

Summary: VUL-0: chromium: multiple security issues fixed in 96.0.4664.93
Product: [openSUSE] openSUSE Distribution Reporter: Thomas Leroy <thomas.leroy>
Component: SecurityAssignee: Callum Farmer <gmbr3>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: Andreas.Stieger, meissner, smash_bz
Version: Leap 15.3   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Thomas Leroy 2021-12-08 09:55:55 UTC
[$15000][1267661] High CVE-2021-4052: Use after free in web apps. Reported by Wei Yuan of MoyunSec VLab on 2021-11-07

[$10000][1267791] High CVE-2021-4053: Use after free in UI. Reported by Rox on 2021-11-08

[$8500][1265806] High CVE-2021-4079: Out of bounds write in WebRTC. Reported by Brendon Tiszka on 2021-11-01

[$5000][1239760] High CVE-2021-4054: Incorrect security UI in autofill. Reported by Alesandro Ortiz on 2021-08-13

[$5000][1268738] High CVE-2021-4078: Type confusion in V8. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2021-11-09

[$1000][1266510] High CVE-2021-4055: Heap buffer overflow in extensions. Reported by Chen Rong on 2021-11-03

[$TBD][1260939] High CVE-2021-4056: Type Confusion in loader. Reported by @__R0ng of 360 Alpha Lab on 2021-10-18

[$TBD][1262183] High CVE-2021-4057: Use after free in file API. Reported by Sergei Glazunov of Google Project Zero on 2021-10-21

[$TBD][1267496] High CVE-2021-4058: Heap buffer overflow in ANGLE. Reported by Abraruddin Khan and Omair  on 2021-11-06

[$TBD][1270990] High CVE-2021-4059: Insufficient data validation in loader. Reported by Luan Herrera (@lbherrera_) on 2021-11-17

[$TBD][1271456] High CVE-2021-4061: Type Confusion in V8. Reported by Paolo Severini on 2021-11-18

[$TBD][1272403] High CVE-2021-4062: Heap buffer overflow in BFCache. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-11-22

[$TBD][1273176] High CVE-2021-4063: Use after free in developer tools. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-11-23

[$TBD][1273197] High CVE-2021-4064: Use after free in screen capture. Reported by @ginggilBesel on 2021-11-23

[$TBD][1273674] High CVE-2021-4065: Use after free in autofill. Reported by 5n1p3r0010 on 2021-11-25

[$TBD][1274499] High CVE-2021-4066: Integer underflow in ANGLE. Reported by Jaehun Jeong(@n3sk) of Theori on 2021-11-29

[$TBD][1274641] High CVE-2021-4067: Use after free in window manager. Reported by @ginggilBesel on 2021-11-29

[$500][1265197] Low CVE-2021-4068: Insufficient validation of untrusted input in new tab page. Reported by NDevTK on 2021-10-31
Comment 1 OBSbugzilla Bot 2021-12-09 11:40:16 UTC
This is an autogenerated message for OBS integration:
This bug (1193519) was mentioned in
https://build.opensuse.org/request/show/937729 Backports:SLE-15-SP3 / chromium
Comment 2 Swamp Workflow Management 2021-12-13 23:17:38 UTC
openSUSE-SU-2021:1582-1: An update that fixes 36 vulnerabilities is now available.

Category: security (important)
Bug References: 1192310,1192734,1193519
CVE References: CVE-2021-38005,CVE-2021-38006,CVE-2021-38007,CVE-2021-38008,CVE-2021-38009,CVE-2021-38010,CVE-2021-38011,CVE-2021-38012,CVE-2021-38013,CVE-2021-38014,CVE-2021-38015,CVE-2021-38016,CVE-2021-38017,CVE-2021-38018,CVE-2021-38019,CVE-2021-38020,CVE-2021-38021,CVE-2021-38022,CVE-2021-4052,CVE-2021-4053,CVE-2021-4054,CVE-2021-4055,CVE-2021-4056,CVE-2021-4057,CVE-2021-4058,CVE-2021-4059,CVE-2021-4061,CVE-2021-4062,CVE-2021-4063,CVE-2021-4064,CVE-2021-4065,CVE-2021-4066,CVE-2021-4067,CVE-2021-4068,CVE-2021-4078,CVE-2021-4079
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP3 (src):    chromium-96.0.4664.93-bp153.2.45.2
Comment 3 OBSbugzilla Bot 2021-12-14 23:30:08 UTC
This is an autogenerated message for OBS integration:
This bug (1193519) was mentioned in
https://build.opensuse.org/request/show/940589 Factory / chromium
Comment 4 OBSbugzilla Bot 2021-12-15 09:00:20 UTC
This is an autogenerated message for OBS integration:
This bug (1193519) was mentioned in
https://build.opensuse.org/request/show/940660 15.2 / chromium
Comment 5 OBSbugzilla Bot 2021-12-15 09:50:31 UTC
This is an autogenerated message for OBS integration:
This bug (1193519) was mentioned in
https://build.opensuse.org/request/show/940663 Backports:SLE-12-SP3 / chromium
Comment 6 OBSbugzilla Bot 2021-12-15 11:50:07 UTC
This is an autogenerated message for OBS integration:
This bug (1193519) was mentioned in
https://build.opensuse.org/request/show/940702 15.2 / chromium
Comment 7 OBSbugzilla Bot 2021-12-27 00:00:14 UTC
This is an autogenerated message for OBS integration:
This bug (1193519) was mentioned in
https://build.opensuse.org/request/show/942659 15.2 / chromium
Comment 8 Swamp Workflow Management 2021-12-28 11:17:17 UTC
openSUSE-SU-2021:1632-1: An update that fixes 41 vulnerabilities is now available.

Category: security (important)
Bug References: 1192310,1192734,1193519,1193713
CVE References: CVE-2021-38005,CVE-2021-38006,CVE-2021-38007,CVE-2021-38008,CVE-2021-38009,CVE-2021-38010,CVE-2021-38011,CVE-2021-38012,CVE-2021-38013,CVE-2021-38014,CVE-2021-38015,CVE-2021-38016,CVE-2021-38017,CVE-2021-38018,CVE-2021-38019,CVE-2021-38020,CVE-2021-38021,CVE-2021-38022,CVE-2021-4052,CVE-2021-4053,CVE-2021-4054,CVE-2021-4055,CVE-2021-4056,CVE-2021-4057,CVE-2021-4058,CVE-2021-4059,CVE-2021-4061,CVE-2021-4062,CVE-2021-4063,CVE-2021-4064,CVE-2021-4065,CVE-2021-4066,CVE-2021-4067,CVE-2021-4068,CVE-2021-4078,CVE-2021-4079,CVE-2021-4098,CVE-2021-4099,CVE-2021-4100,CVE-2021-4101,CVE-2021-4102
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    chromium-96.0.4664.110-lp152.2.143.1
Comment 9 Callum Farmer 2022-01-22 14:16:46 UTC
done