Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

DSA-4645-1 chromium -- security update

Related Vulnerabilities: CVE-2019-20503   CVE-2020-6422   CVE-2020-6424   CVE-2020-6425   CVE-2020-6426   CVE-2020-6427   CVE-2020-6428   CVE-2020-6429   CVE-2020-6449  

Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-20503 Natalie Silvanovich discovered an out-of-bounds read issue in the usrsctp library. CVE-2020-6422 David Manouchehri discovered a use-after-free issue in the WebGL implementation. CVE-2020-6424 Sergei Glazunov discovered a use-after-free issue. CVE-2020-6425 Sergei Glazunov discovered a policy enforcement error related to extensions. CVE-2020-6426 Avihay Cohen discovered an implementation error in the v8 javascript library. CVE-2020-6427 Man Yue Mo discovered a use-after-free issue in the audio implementation. CVE-2020-6428 Man Yue Mo discovered a use-after-free issue in the audio implementation. CVE-2020-6429 Man Yue Mo discovered a use-after-free issue in the audio implementation. CVE-2020-6449 Man Yue Mo discovered a use-after-free issue in the audio implementation. For the oldstable distribution (stretch), security support for chromium has been discontinued. For the stable distribution (buster), these problems have been fixed in version 80.0.3987.149-1~deb10u1. We recommend that you upgrade your chromium packages. For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium

Source

Debian Security Advisory

DSA-4645-1 chromium -- security update

Date Reported:
22 Mar 2020
Affected Packages:
chromium
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2019-20503, CVE-2020-6422, CVE-2020-6424, CVE-2020-6425, CVE-2020-6426, CVE-2020-6427, CVE-2020-6428, CVE-2020-6429, CVE-2020-6449.
More information:

Several vulnerabilities have been discovered in the chromium web browser.

  • CVE-2019-20503

    Natalie Silvanovich discovered an out-of-bounds read issue in the usrsctp library.

  • CVE-2020-6422

    David Manouchehri discovered a use-after-free issue in the WebGL implementation.

  • CVE-2020-6424

    Sergei Glazunov discovered a use-after-free issue.

  • CVE-2020-6425

    Sergei Glazunov discovered a policy enforcement error related to extensions.

  • CVE-2020-6426

    Avihay Cohen discovered an implementation error in the v8 javascript library.

  • CVE-2020-6427

    Man Yue Mo discovered a use-after-free issue in the audio implementation.

  • CVE-2020-6428

    Man Yue Mo discovered a use-after-free issue in the audio implementation.

  • CVE-2020-6429

    Man Yue Mo discovered a use-after-free issue in the audio implementation.

  • CVE-2020-6449

    Man Yue Mo discovered a use-after-free issue in the audio implementation.

For the oldstable distribution (stretch), security support for chromium has been discontinued.

For the stable distribution (buster), these problems have been fixed in version 80.0.3987.149-1~deb10u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started