Arch Linux Security Advisory ASA-201709-1
=========================================

Severity: Critical
Date    : 2017-09-06
CVE-ID  : CVE-2017-5111 CVE-2017-5112 CVE-2017-5113 CVE-2017-5114
          CVE-2017-5115 CVE-2017-5116 CVE-2017-5117 CVE-2017-5118
          CVE-2017-5119 CVE-2017-5120
Package : chromium
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-391

Summary
=======

The package chromium before version 61.0.3163.79-1 is vulnerable to
multiple issues including arbitrary code execution, access restriction
bypass, information disclosure and silent downgrade.

Resolution
==========

Upgrade to 61.0.3163.79-1.

# pacman -Syu "chromium>=61.0.3163.79-1"

The problems have been fixed upstream in version 61.0.3163.79.

Workaround
==========

None.

Description
===========

- CVE-2017-5111 (arbitrary code execution)

A use-after-free vulnerability has been found in the PDFium component
of the Chromium browser < 61.0.3163.79.

- CVE-2017-5112 (arbitrary code execution)

A heap-based buffer overflow vulnerability has been found in the WebGL
component of the Chromium browser < 61.0.3163.79.

- CVE-2017-5113 (arbitrary code execution)

A heap-based buffer overflow vulnerability has been found in the Skia
component of the Chromium browser < 61.0.3163.79.

- CVE-2017-5114 (arbitrary code execution)

A memory lifecycle vulnerability has been found in the PDFium component
of the Chromium browser < 61.0.3163.79.

- CVE-2017-5115 (arbitrary code execution)

A type confusion vulnerability has been found in the V8 component of
the Chromium browser < 61.0.3163.79.

- CVE-2017-5116 (arbitrary code execution)

A type confusion vulnerability has been found in the V8 component of
the Chromium browser < 61.0.3163.79.

- CVE-2017-5117 (information disclosure)

A use of uninitialized value issue has been found in the Skia component
of the Chromium browser < 61.0.3163.79.

- CVE-2017-5118 (access restriction bypass)

A content security policy bypass vulnerability has been found in the
Blink component of the Chromium browser < 61.0.3163.79.

- CVE-2017-5119 (information disclosure)

A use of uninitialized value issue has been found in the Skia component
of the Chromium browser < 61.0.3163.79.

- CVE-2017-5120 (silent downgrade)

A potential issue leading to HTTPS downgrade during redirect navigation
has been found in the Chromium browser < 61.0.3163.79.

Impact
======

A remote attacker can access sensitive information, bypass the content
security policy, force a downgrade from HTTPS to HTTP and execute
arbitrary code on the affected host.

References
==========

https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html
https://bugs.chromium.org/p/chromium/issues/detail?id=737023
https://bugs.chromium.org/p/chromium/issues/detail?id=740603
https://bugs.chromium.org/p/chromium/issues/detail?id=747043
https://bugs.chromium.org/p/chromium/issues/detail?id=752829
https://bugs.chromium.org/p/chromium/issues/detail?id=744584
https://bugs.chromium.org/p/chromium/issues/detail?id=759624
https://bugs.chromium.org/p/chromium/issues/detail?id=739190
https://bugs.chromium.org/p/chromium/issues/detail?id=747847
https://bugs.chromium.org/p/chromium/issues/detail?id=725127
https://bugs.chromium.org/p/chromium/issues/detail?id=718676
https://security.archlinux.org/CVE-2017-5111
https://security.archlinux.org/CVE-2017-5112
https://security.archlinux.org/CVE-2017-5113
https://security.archlinux.org/CVE-2017-5114
https://security.archlinux.org/CVE-2017-5115
https://security.archlinux.org/CVE-2017-5116
https://security.archlinux.org/CVE-2017-5117
https://security.archlinux.org/CVE-2017-5118
https://security.archlinux.org/CVE-2017-5119
https://security.archlinux.org/CVE-2017-5120