SB2017120812 - OpenSUSE Linux update for chromium
Published: December 8, 2017 Updated: July 1, 2021
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 41 vulnerabilities.
1) Spoofing attack (CVE-ID: CVE-2017-15386)
CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The disclosed vulnerability allows a remote attacker to conduct spoofing attacks.
The vulnerability exists due to an error in Blink. A remote attacker can trick the victim into visiting a specially crafted website and spoof the UI.
2) Spoofing attack (CVE-ID: CVE-2017-15387)
CWE-ID: CWE-284 - Improper Access Control
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The disclosed vulnerability allows a remote attacker to bypass security restrictions.
The vulnerability exists due to an error in Blink. A remote attacker can trick the victim into visiting a specially crafted website and bypass content security restrictions.
3) Out-of-bounds read (CVE-ID: CVE-2017-15388)
CWE-ID: CWE-125 - Out-of-bounds read
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The disclosed vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to out-of-bounds read in Skia. A remote attacker can trick the victim into visiting a specially crafted website and gain access to arbitrary data.
4) Spoofing attack (CVE-ID: CVE-2017-15389)
CWE-ID: CWE-284 - Improper Access Control
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to URL spoofing in OmniBox. A remote attacker can trick the victim into visiting a specially crafted website and conduct domain spoofing attacks.
Successful exploitation of the vulnerability results in address spoofing.
5) Spoofing attack (CVE-ID: CVE-2017-15390)
CWE-ID: CWE-284 - Improper Access Control
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to URL spoofing in OmniBox. A remote attacker can trick the victim into visiting a specially crafted website and conduct domain spoofing attacks.
Successful exploitation of the vulnerability results in address spoofing.
6) Security restrictions bypass (CVE-ID: CVE-2017-15391)
CWE-ID: CWE-284 - Improper Access Control
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to bypass security restrictions.
The vulnerability exists due to an error in Extensions. A remote attacker can trick the victim into visiting a specially crafted website and bypass extension limitation.
7) Security restrictions bypass (CVE-ID: CVE-2017-15392)
CWE-ID: CWE-284 - Improper Access Control
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to bypass security restrictions.
The vulnerability exists due to incorrect registry key handling in PlatformIntegration. A remote attacker can trick the victim into visiting a specially crafted website and bypass security restrictions.
8) Memory leak (CVE-ID: CVE-2017-15393)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to referrer leak in Devtools. A remote attacker can trick the victim into visiting a specially crafted website and read arbitrary files on the target system.
9) Spoofing attack (CVE-ID: CVE-2017-15394)
CWE-ID: CWE-284 - Improper Access Control
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to URL spoofing in extensions UI. A remote attacker can trick the victim into visiting a specially crafted website and conduct domain spoofing attacks.
10) Null pointer dereference (CVE-ID: CVE-2017-15395)
CWE-ID: CWE-476 - NULL Pointer Dereference
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to cause DoS condition.
The vulnerability exists due to null pointer dereference in ImageCapture. A remote attacker can trick the victim into visiting a specially crafted website, trigger null pointer dereference and cause the application to crash.
11) Stack-based buffer overflow (CVE-ID: CVE-2017-15396)
CWE-ID: CWE-121 - Stack-based buffer overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to stack-based buffer overflow in V8. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the system to crash.
12) Stack-based buffer overflow (CVE-ID: CVE-2017-15398)
CWE-ID: CWE-121 - Stack-based buffer overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to stack-based buffer overflow in QUIC. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
13) Use-after-free error (CVE-ID: CVE-2017-15399)
CWE-ID: CWE-416 - Use After Free
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to use-after-free error in V8. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
14) Heap-based buffer overflow (CVE-ID: CVE-2017-15408)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to heap-based buffer overflow in PDFium. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
15) Out-of-bounds write (CVE-ID: CVE-2017-15409)
CWE-ID: CWE-787 - Out-of-bounds write
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to out-of-bounds write in Skia. A remote attacker can trick the victim into visiting a specially crafted website, trigger out-of-bounds write and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
16) Use-after-free error (CVE-ID: CVE-2017-15410)
CWE-ID: CWE-416 - Use After Free
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to use-after-free error in PDFium. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
17) Use-after-free error (CVE-ID: CVE-2017-15411)
CWE-ID: CWE-416 - Use After Free
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to use-after-free error in PDFium. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
18) Use-after-free error (CVE-ID: CVE-2017-15412)
CWE-ID: CWE-416 - Use After Free
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to use-after-free error in libXML. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
19) Type confusion (CVE-ID: CVE-2017-15413)
CWE-ID: CWE-843 - Type confusion
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to type confusion in WebAssembly. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
20) Information disclosure (CVE-ID: CVE-2017-15415)
CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The weakness exists due to pointer information disclosure in IPC call. A remote attacker can trick the victim into visiting a specially crafted website and read arbitrary data from system memory.
Successful exploitation of the vulnerability results in information disclosure.
21) Out-of-bounds read (CVE-ID: CVE-2017-15416)
CWE-ID: CWE-125 - Out-of-bounds read
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The weakness exists due to out-of-bounds read in Blink. A remote attacker can trick the victim into visiting a specially crafted website and read arbitrary data from system memory.
Successful exploitation of the vulnerability results in information disclosure.
22) Information disclosure (CVE-ID: CVE-2017-15417)
CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The weakness exists due to cross origin information disclosure in Skia. A remote attacker can trick the victim into visiting a specially crafted website and read arbitrary data from system memory.
Successful exploitation of the vulnerability results in information disclosure.
23) Information disclosure (CVE-ID: CVE-2017-15418)
CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The weakness exists due to use of uninitialized value in Skia. A remote attacker can trick the victim into visiting a specially crafted website and read arbitrary data from system memory.
Successful exploitation of the vulnerability results in information disclosure.
24) Memory leak (CVE-ID: CVE-2017-15419)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The weakness exists due to cross origin leak of redirect URL in Blink. A remote attacker can trick the victim into visiting a specially crafted website and read arbitrary data from system memory.
Successful exploitation of the vulnerability results in information disclosure.
25) Spoofing attack (CVE-ID: CVE-2017-15420)
CWE-ID: CWE-843 - Type confusion
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to URL spoofing in OmniBox. A remote attacker can trick the victim into visiting a specially crafted website and conduct domain spoofing attacks.
Successful exploitation of the vulnerability results in address spoofing.
26) Integer overflow (CVE-ID: CVE-2017-15422)
CWE-ID: CWE-190 - Integer overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to integer overflow in ICU. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
27) Security restrictions bypass (CVE-ID: CVE-2017-15423)
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to bypass security restrictions on the target system.
The weakness exists due to an issue with SPAKE implementation in BoringSSL. A remote attacker can trick the victim into visiting a specially crafted website and bypass security restrictions.
28) Spoofing attack (CVE-ID: CVE-2017-15424)
CWE-ID: CWE-843 - Type confusion
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to URL spoofing in OmniBox. A remote attacker can trick the victim into visiting a specially crafted website and conduct domain spoofing attacks.
Successful exploitation of the vulnerability results in address spoofing.
29) Spoofing attack (CVE-ID: CVE-2017-15425)
CWE-ID: CWE-843 - Type confusion
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to URL spoofing in OmniBox. A remote attacker can trick the victim into visiting a specially crafted website and conduct domain spoofing attacks.
Successful exploitation of the vulnerability results in address spoofing.
30) Spoofing attack (CVE-ID: CVE-2017-15426)
CWE-ID: CWE-843 - Type confusion
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to URL spoofing in OmniBox. A remote attacker can trick the victim into visiting a specially crafted website and conduct domain spoofing attacks.
Successful exploitation of the vulnerability results in address spoofing.
31) Security restrictions bypass (CVE-ID: CVE-2017-15427)
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to bypass security restrictions on the target system.
The weakness exists due to insufficient blocking of JavaScript in Omnibox. A remote attacker can trick the victim into visiting a specially crafted website and bypass security restrictions.
32) Universal XSS (CVE-ID: CVE-2017-5124)
CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P/U:Clear
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists in the link modal due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary MHTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
33) Heap-based buffer overflow (CVE-ID: CVE-2017-5125)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to heap-based buffer overflow in Skia. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
34) Use-after-free error (CVE-ID: CVE-2017-5126)
CWE-ID: CWE-416 - Use After Free
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to use-after-free error in PDFium. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
35) Use-after-free error (CVE-ID: CVE-2017-5127)
CWE-ID: CWE-416 - Use After Free
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to use-after-free error in PDFium. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
36) Heap-based buffer overflow (CVE-ID: CVE-2017-5128)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to heap-based buffer overflow in WebGLk. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
37) Use-after-free error (CVE-ID: CVE-2017-5129)
CWE-ID: CWE-416 - Use After Free
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to use-after-free error in WebAudio. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
38) Heap-based buffer overflow (CVE-ID: CVE-2017-5130)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to heap-based buffer overflow in libxml2. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
39) Out-of-bounds write (CVE-ID: CVE-2017-5131)
CWE-ID: CWE-787 - Out-of-bounds write
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to out-of-bounds write in Skia. A remote attacker can trick the victim into visiting a specially crafted website trigger out-of-bounds error and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
40) Memory corruption (CVE-ID: CVE-2017-5132)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to incorrect stack manipulation in WebAssembly. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
41) Out-of-bounds write (CVE-ID: CVE-2017-5133)
CWE-ID: CWE-787 - Out-of-bounds write
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to out-of-bounds write in Skia. A remote attacker can trick the victim into visiting a specially crafted website trigger out-of-bounds error and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
Remediation
Install update from vendor's website.