Subject: [ASA-201906-4] chromium: multiple issues Arch Linux Security Advisory ASA-201906-4 ========================================= Severity: Critical Date : 2019-06-07 CVE-ID : CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831 CVE-2019-5832 CVE-2019-5833 CVE-2019-5835 CVE-2019-5836 CVE-2019-5837 CVE-2019-5838 CVE-2019-5839 CVE-2019-5840 Package : chromium Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-972 Summary ======= The package chromium before version 75.0.3770.80-1 is vulnerable to multiple issues including arbitrary code execution, access restriction bypass, content spoofing, incorrect calculation and information disclosure. Resolution ========== Upgrade to 75.0.3770.80-1. # pacman -Syu "chromium>=75.0.3770.80-1" The problems have been fixed upstream in version 75.0.3770.80. Workaround ========== None. Description =========== - CVE-2019-5828 (arbitrary code execution) A use-after-free vulnerability has been found in the ServiceWorker component of the chromium browser before 75.0.3770.80. - CVE-2019-5829 (arbitrary code execution) A use-after-free vulnerability has been found in the Download Manager component of the chromium browser before 75.0.3770.80. - CVE-2019-5830 (access restriction bypass) An incorrectly credentialed requests vulnerability has been found in the CORS component of the chromium browser before 75.0.3770.80. - CVE-2019-5831 (incorrect calculation) An incorrect map processing vulnerability has been found in the V8 component of the chromium browser before 75.0.3770.80. - CVE-2019-5832 (access restriction bypass) An incorrect CORS handling vulnerability has been found in the XHR component of the chromium browser before 75.0.3770.80. - CVE-2019-5833 (content spoofing) An inconsistent security UI placement vulnerability has been found in the chromium browser before 75.0.3770.80. - CVE-2019-5835 (information disclosure) An out-of-bounds read vulnerability has been found in the Swiftshader component of the chromium browser before 75.0.3770.80. - CVE-2019-5836 (arbitrary code execution) A heap-based buffer overflow vulnerability has been found in the Angle component of the chromium browser before 75.0.3770.80. - CVE-2019-5837 (information disclosure) A cross-origin resources size disclosure vulnerability has been found in the Appcache component of the chromium browser before 75.0.3770.80. - CVE-2019-5838 (access restriction bypass) An overly permissive tab access vulnerability has been found in the Extensions component of the chromium browser before 75.0.3770.80. - CVE-2019-5839 (access restriction bypass) An incorrect handling of certain code points vulnerability has been found in the Blink component of the chromium browser before 75.0.3770.80. - CVE-2019-5840 (access restriction bypass) A popup blocker bypass vulnerability has been found in the chromium browser before 75.0.3770.80. Impact ====== A remote attacker can access sensitive information, bypass security measures, spoof content and execute arbitrary code on the affected host. References ========== https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html https://crbug.com/956597 https://crbug.com/958533 https://crbug.com/665766 https://crbug.com/950328 https://crbug.com/959390 https://crbug.com/945067 https://crbug.com/939239 https://crbug.com/947342 https://crbug.com/918293 https://crbug.com/893087 https://crbug.com/925614 https://crbug.com/951782 https://security.archlinux.org/CVE-2019-5828 https://security.archlinux.org/CVE-2019-5829 https://security.archlinux.org/CVE-2019-5830 https://security.archlinux.org/CVE-2019-5831 https://security.archlinux.org/CVE-2019-5832 https://security.archlinux.org/CVE-2019-5833 https://security.archlinux.org/CVE-2019-5835 https://security.archlinux.org/CVE-2019-5836 https://security.archlinux.org/CVE-2019-5837 https://security.archlinux.org/CVE-2019-5838 https://security.archlinux.org/CVE-2019-5839 https://security.archlinux.org/CVE-2019-5840