Subject: [ASA-201908-1] chromium: multiple issues Arch Linux Security Advisory ASA-201908-1 ========================================= Severity: High Date : 2019-08-02 CVE-ID : CVE-2019-5850 CVE-2019-5851 CVE-2019-5852 CVE-2019-5853 CVE-2019-5854 CVE-2019-5855 CVE-2019-5856 CVE-2019-5857 CVE-2019-5858 CVE-2019-5859 CVE-2019-5860 CVE-2019-5861 CVE-2019-5862 CVE-2019-5864 CVE-2019-5865 Package : chromium Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1013 Summary ======= The package chromium before version 76.0.3809.87-1 is vulnerable to multiple issues including access restriction bypass, arbitrary code execution, content spoofing, denial of service and insufficient validation. Resolution ========== Upgrade to 76.0.3809.87-1. # pacman -Syu "chromium>=76.0.3809.87-1" The problems have been fixed upstream in version 76.0.3809.87. Workaround ========== None. Description =========== - CVE-2019-5850 (arbitrary code execution) A use-after-free issue has been found in the offline page fetcher component of Chromium before 76.0.3809.87. - CVE-2019-5851 (arbitrary code execution) A use-after-poison issue has been found in the offline audio context component of Chromium before 76.0.3809.87. - CVE-2019-5852 (denial of service) An object leak issue has been found in the utility functions of Chromium before 76.0.3809.87. - CVE-2019-5853 (arbitrary code execution) A memory corruption issue has been found in the regexp length checks of Chromium before 76.0.3809.87. - CVE-2019-5854 (arbitrary code execution) An integer overflow issue has been found in the text rendering of the PDFium component of Chromium before 76.0.3809.87. - CVE-2019-5855 (arbitrary code execution) An integer overflow issue has been found in the text rendering of the PDFium component of Chromium before 76.0.3809.87. - CVE-2019-5856 (access restriction bypass) An insufficient checks on filesystem: URI permissions issue has been found in Chromium before 76.0.3809.87. - CVE-2019-5857 (denial of service) An issue has been found in Chromium before 76.0.3809.87 where the comparison of -0 and null yields a crash. - CVE-2019-5858 (insufficient validation) An insufficient filtering of Open URL service parameters issue has been found in Chromium before 76.0.3809.87. - CVE-2019-5859 (access restriction bypass) An issue has been found in Chromium before 76.0.3809.87, where res: URIs can load alternative browsers. - CVE-2019-5860 (arbitrary code execution) A use-after-free issue has been found in the PDFium component of Chromium before 76.0.3809.87. - CVE-2019-5861 (content spoofing) An issue has been found in Chromium before 76.0.3809.87, where click location was incorrectly checked. - CVE-2019-5862 (access restriction bypass) An issue with AppCache not being robust to compromised renderers has been found in Chromium before 76.0.3809.87. - CVE-2019-5864 (access restriction bypass) An insufficient port filtering in CORS for extensions issue has been found in Chromium before 76.0.3809.87. - CVE-2019-5865 (access restriction bypass) A site isolation bypass from a compromised renderer has been found in Chromium before 76.0.3809.87. Impact ====== A remote attacker can bypass security measures, cause a crash or execute arbitrary code on the affected host. References ========== https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html https://crbug.com/977462 https://crbug.com/977107 https://crbug.com/976713 https://crbug.com/976627 https://crbug.com/966263 https://crbug.com/964872 https://crbug.com/964245 https://crbug.com/961237 https://crbug.com/960209 https://crbug.com/959438 https://crbug.com/956947 https://crbug.com/951525 https://crbug.com/946260 https://crbug.com/936900 https://crbug.com/973103 https://security.archlinux.org/CVE-2019-5850 https://security.archlinux.org/CVE-2019-5851 https://security.archlinux.org/CVE-2019-5852 https://security.archlinux.org/CVE-2019-5853 https://security.archlinux.org/CVE-2019-5854 https://security.archlinux.org/CVE-2019-5855 https://security.archlinux.org/CVE-2019-5856 https://security.archlinux.org/CVE-2019-5857 https://security.archlinux.org/CVE-2019-5858 https://security.archlinux.org/CVE-2019-5859 https://security.archlinux.org/CVE-2019-5860 https://security.archlinux.org/CVE-2019-5861 https://security.archlinux.org/CVE-2019-5862 https://security.archlinux.org/CVE-2019-5864 https://security.archlinux.org/CVE-2019-5865