Subject: [ASA-202110-7] chromium: multiple issues

Arch Linux Security Advisory ASA-202110-7
=========================================

Severity: High
Date    : 2021-10-29
CVE-ID  : CVE-2021-37997 CVE-2021-37998 CVE-2021-37999 CVE-2021-38000
          CVE-2021-38001 CVE-2021-38002 CVE-2021-38003 CVE-2021-38004
Package : chromium
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-2504

Summary
=======

The package chromium before version 95.0.4638.69-1 is vulnerable to
multiple issues including arbitrary code execution, insufficient
validation and access restriction bypass.

Resolution
==========

Upgrade to 95.0.4638.69-1.

# pacman -Syu "chromium>=95.0.4638.69-1"

The problems have been fixed upstream in version 95.0.4638.69.

Workaround
==========

None.

Description
===========

- CVE-2021-37997 (arbitrary code execution)

A use after free security issue has been found in the Sign-In component
of the Chromium browser engine before version 95.0.4638.69.

- CVE-2021-37998 (arbitrary code execution)

A use after free security issue has been found in the Garbage Collection
component of the Chromium browser engine before version 95.0.4638.69.

- CVE-2021-37999 (insufficient validation)

An insufficient data validation security issue has been found in the New
Tab Page component of the Chromium browser engine before version
95.0.4638.69.

- CVE-2021-38000 (insufficient validation)

An insufficient validation of untrusted input security issue has been
found in the Intents component of the Chromium browser engine before
version 95.0.4638.69. Google is aware that an exploit for CVE-2021-38000
exists in the wild.

- CVE-2021-38001 (arbitrary code execution)

A type confusion security issue has been found in the V8 component of
the Chromium browser engine before version 95.0.4638.69.

- CVE-2021-38002 (arbitrary code execution)

A use after free security issue has been found in the Web Transport
component of the Chromium browser engine before version 95.0.4638.69.

- CVE-2021-38003 (arbitrary code execution)

An inappropriate implementation security issue has been found in the V8
component of the Chromium browser engine before version 95.0.4638.69.
Google is aware that an exploit for CVE-2021-38003 exists in the wild.

- CVE-2021-38004 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
Autofill component of the Chromium browser engine before version
95.0.4638.69.

Impact
======

A remote attacker could execute arbitrary code through crafted web
content. Google is aware that exploits for two of the security issues
exist in the wild.

References
==========

https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html
https://crbug.com/1259864
https://crbug.com/1259587
https://crbug.com/1251541
https://crbug.com/1249962
https://crbug.com/1260577
https://crbug.com/1260940
https://crbug.com/1263462
https://crbug.com/1227170
https://security.archlinux.org/CVE-2021-37997
https://security.archlinux.org/CVE-2021-37998
https://security.archlinux.org/CVE-2021-37999
https://security.archlinux.org/CVE-2021-38000
https://security.archlinux.org/CVE-2021-38001
https://security.archlinux.org/CVE-2021-38002
https://security.archlinux.org/CVE-2021-38003
https://security.archlinux.org/CVE-2021-38004
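
A fleet check for the fix named under Resolution, as an added example that is not part of the original advisory: it reads "<host> <package> <version>" lines (a constructed sample inventory, in the form `pacman -Q chromium` output takes when prefixed with a host name) and lists hosts still below 95.0.4638.69-1. It uses pacman's `vercmp` when present and assumes GNU `sort -V` as a fallback, which is adequate only for plain numeric versions such as Chromium's.

```shell
#!/bin/sh
# Added example: list hosts whose chromium package predates the fixed release.
FIXED="95.0.4638.69-1"   # fixed version stated in this advisory

# Compare two pkgver-pkgrel strings; prints a negative number, 0, or a
# positive number. Prefers pacman's vercmp; the sort -V fallback is an
# assumption that holds for purely numeric versions without an epoch.
ver_cmp() {
    if command -v vercmp >/dev/null 2>&1; then
        vercmp "$1" "$2"
        return
    fi
    if [ "$1" = "$2" ]; then
        echo 0
        return
    fi
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
    if [ "$lowest" = "$1" ]; then echo -1; else echo 1; fi
}

# Reads "<host> <package> <version>" lines on stdin and prints
# "<host> <version>" for every chromium install older than $FIXED.
vulnerable_hosts() {
    while read -r host pkg ver; do
        [ "$pkg" = "chromium" ] || continue
        if [ "$(ver_cmp "$ver" "$FIXED")" -lt 0 ]; then
            echo "$host $ver"
        fi
    done
}

# Constructed inventory (host names and installed versions are sample data).
SAMPLE_INVENTORY='ws-01 chromium 94.0.4606.81-1
ws-02 chromium 95.0.4638.54-1
ws-03 chromium 95.0.4638.69-1
ws-04 firefox 93.0-1
ws-05 chromium 96.0.4664.45-1'

report() {
    printf '%s\n' "$SAMPLE_INVENTORY" | vulnerable_hosts
}

report
```
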