Bug 1218891

Summary: VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 120.0.6099.224
Product: [openSUSE] openSUSE Tumbleweed Reporter: Thomas Leroy <thomas.leroy>
Component: SecurityAssignee: Callum Farmer <gmbr3>
Status: RESOLVED DUPLICATE QA Contact: Security Team bot <security-team>
Severity: Major    
Priority: P5 - None CC: andrea.mattiazzo
Version: Current   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Thomas Leroy 2024-01-17 08:26:34 UTC 
The Stable channel has been updated to 120.0.6099.234 for Mac and 120.0.6099.224 for Linux and 120.0.6099.224/225 to Windows which will roll out over the coming days/weeks.

CVE-2024-0517: Out of bounds write in V8
CVE-2024-0518: Type Confusion in V8
CVE-2024-0519: Out of bounds memory access in V8

Google is aware of reports that an exploit for CVE-2024-0519 exists in the wild.

References:
https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.html
Comment 1 Thomas Leroy 2024-01-17 08:35:25 UTC 
Race between IMs

*** This bug has been marked as a duplicate of bug 1218892 ***