Bug 1222035 (CVE-2024-2883, CVE-2024-2885, CVE-2024-2886, CVE-2024-2887) - VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 123.0.6312.86
Summary: VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 123.0.6...
Status: RESOLVED DUPLICATE of bug 1222707
Alias: CVE-2024-2883, CVE-2024-2885, CVE-2024-2886, CVE-2024-2887
Product: openSUSE Distribution
Classification: openSUSE
Component: Security (show other bugs)
Version: Leap 15.5
Hardware: Other Other
: P3 - Medium : Normal (vote)
Target Milestone: ---
Assignee: Michał Szczepaniak
QA Contact: Security Team bot
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-03-27 09:00 UTC by Andrea Mattiazzo
Modified: 2024-05-13 04:05 UTC (History)
4 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Andrea Mattiazzo 2024-03-27 09:00:31 UTC 
The Stable channel has been updated to 123.0.6312.86 to Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log.

Security Fixes and Rewards

This update includes 7 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[327807820] Critical CVE-2024-2883: Use after free in ANGLE. Reported by Cassidy Kim(@cassidy6564) on 2024-03-03

[328958020] High CVE-2024-2885: Use after free in Dawn. Reported by wgslfuzz on 2024-03-11

[330575496] High CVE-2024-2886: Use after free in WebCodecs. Reported by Seunghyun Lee (@0x10n) of KAIST Hacking Lab, via Pwn2Own 2024 on 2024-03-21

[330588502] High CVE-2024-2887: Type Confusion in WebAssembly. Reported by Manfred Paul, via Pwn2Own 2024 on 2024-03-21

As usual, our ongoing internal security work was responsible for a wide range of fixes:

[331221727] Various fixes from internal audits, fuzzing and other initiatives
Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL
Comment 1 Benjamin Greiner 2024-04-17 08:53:51 UTC 
Duplicate is not the same version but same problem.

*** This bug has been marked as a duplicate of bug 1222707 ***
Comment 2 OBSbugzilla Bot 2024-05-11 05:35:04 UTC 
This is an autogenerated message for OBS integration:
This bug (1222035) was mentioned in
https://build.opensuse.org/request/show/1173380 Factory / chromium
Comment 3 OBSbugzilla Bot 2024-05-11 06:15:04 UTC 
This is an autogenerated message for OBS integration:
This bug (1222035) was mentioned in
https://build.opensuse.org/request/show/1173381 Backports:SLE-15-SP5 / chromium
Comment 4 Marcus Meissner 2024-05-13 04:05:01 UTC 
openSUSE-SU-2024:0123-1: An update that fixes 35 vulnerabilities is now available.

Category: security (important)
Bug References: 1221732,1222035,1222260,1222707,1222958,1223845,1223846,1224045
CVE References: CVE-2024-2625,CVE-2024-2626,CVE-2024-2627,CVE-2024-2628,CVE-2024-2883,CVE-2024-2885,CVE-2024-2886,CVE-2024-2887,CVE-2024-3156,CVE-2024-3157,CVE-2024-3158,CVE-2024-3159,CVE-2024-3515,CVE-2024-3516,CVE-2024-3832,CVE-2024-3833,CVE-2024-3834,CVE-2024-3837,CVE-2024-3838,CVE-2024-3839,CVE-2024-3840,CVE-2024-3841,CVE-2024-3843,CVE-2024-3844,CVE-2024-3845,CVE-2024-3846,CVE-2024-3847,CVE-2024-4058,CVE-2024-4059,CVE-2024-4060,CVE-2024-4331,CVE-2024-4368,CVE-2024-4558,CVE-2024-4559,CVE-2024-4671
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP5 (src):    chromium-124.0.6367.201-bp155.2.78.1