Arch Linux Security Advisory ASA-202112-1
=========================================

Severity: High
Date    : 2021-12-03
CVE-ID  : CVE-2021-37981 CVE-2021-37982 CVE-2021-37984 CVE-2021-37985
          CVE-2021-37986 CVE-2021-37987 CVE-2021-37988 CVE-2021-37989
          CVE-2021-37990 CVE-2021-37991 CVE-2021-37992 CVE-2021-37993
          CVE-2021-37994 CVE-2021-37995 CVE-2021-37996 CVE-2021-37998
          CVE-2021-38000 CVE-2021-38001 CVE-2021-38003 CVE-2021-38004
          CVE-2021-38005 CVE-2021-38006 CVE-2021-38007 CVE-2021-38008
          CVE-2021-38009 CVE-2021-38010 CVE-2021-38011 CVE-2021-38012
          CVE-2021-38013 CVE-2021-38014 CVE-2021-38015 CVE-2021-38016
          CVE-2021-38017 CVE-2021-38018 CVE-2021-38019 CVE-2021-38020
          CVE-2021-38021 CVE-2021-38022
Package : vivaldi
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-2475

Summary
=======

The package vivaldi before version 5.0.2497.24-1 is vulnerable to
multiple issues including arbitrary code execution, insufficient
validation, access restriction bypass, content spoofing, information
disclosure, same-origin policy bypass, sandbox escape and denial of
service.

Resolution
==========

Upgrade to 5.0.2497.24-1.

# pacman -Syu "vivaldi>=5.0.2497.24-1"

The problems have been fixed upstream in version 5.0.2497.24.

Workaround
==========

None.

Description
===========

- CVE-2021-37981 (arbitrary code execution)

A heap buffer overflow security issue has been found in the Skia
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37982 (arbitrary code execution)

A use after free security issue has been found in the Incognito
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37984 (arbitrary code execution)

A heap buffer overflow security issue has been found in the PDFium
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37985 (arbitrary code execution)

A use after free security issue has been found in the V8 component of
the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37986 (arbitrary code execution)

A heap buffer overflow security issue has been found in the Settings
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37987 (arbitrary code execution)

A use after free security issue has been found in the Network APIs
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37988 (arbitrary code execution)

A use after free security issue has been found in the Profiles
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37989 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
Blink component of the Chromium browser engine before version
95.0.4638.54.

- CVE-2021-37990 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
WebView component of the Chromium browser engine before version
95.0.4638.54.

- CVE-2021-37991 (arbitrary code execution)

A race security issue has been found in the V8 component of the
Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37992 (information disclosure)

An out of bounds read security issue has been found in the WebAudio
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37993 (arbitrary code execution)

A use after free security issue has been found in the PDF
Accessibility component of the Chromium browser engine before version
95.0.4638.54.

- CVE-2021-37994 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
iFrame Sandbox component of the Chromium browser engine before version
95.0.4638.54.

- CVE-2021-37995 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
WebApp Installer component of the Chromium browser engine before
version 95.0.4638.54.

- CVE-2021-37996 (insufficient validation)

An insufficient validation of untrusted input security issue has been
found in the Downloads component of the Chromium browser engine before
version 95.0.4638.54.

- CVE-2021-37998 (arbitrary code execution)

A use after free security issue has been found in the Garbage
Collection component of the Chromium browser engine before version
95.0.4638.69.

- CVE-2021-38000 (insufficient validation)

An insufficient validation of untrusted input security issue has been
found in the Intents component of the Chromium browser engine before
version 95.0.4638.69. Google is aware that an exploit for
CVE-2021-38000 exists in the wild.

- CVE-2021-38001 (arbitrary code execution)

A type confusion security issue has been found in the V8 component of
the Chromium browser engine before version 95.0.4638.69.

- CVE-2021-38003 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
V8 component of the Chromium browser engine before version
95.0.4638.69. Google is aware that an exploit for CVE-2021-38003
exists in the wild.

- CVE-2021-38004 (access restriction bypass)

An insufficient policy enforcement security issue has been found in
the Autofill component of the Chromium browser engine before version
95.0.4638.69.

- CVE-2021-38005 (arbitrary code execution)

A use after free security issue has been found in the loader component
of the Chromium browser engine before version 96.0.4664.45.

- CVE-2021-38006 (arbitrary code execution)

A use after free security issue has been found in the storage
foundation component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38007 (arbitrary code execution)

A type confusion security issue has been found in the V8 component of
the Chromium browser engine before version 96.0.4664.45.

- CVE-2021-38008 (arbitrary code execution)

A use after free security issue has been found in the media component
of the Chromium browser engine before version 96.0.4664.45.

- CVE-2021-38009 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
cache component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38010 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
service workers component of the Chromium browser engine before
version 96.0.4664.45.

- CVE-2021-38011 (arbitrary code execution)

A use after free security issue has been found in the storage
foundation component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38012 (arbitrary code execution)

A type confusion security issue has been found in the V8 component of
the Chromium browser engine before version 96.0.4664.45.

- CVE-2021-38013 (arbitrary code execution)

A heap buffer overflow security issue has been found in the
fingerprint recognition component of the Chromium browser engine
before version 96.0.4664.45.

- CVE-2021-38014 (arbitrary code execution)

An out of bounds write security issue has been found in the
Swiftshader component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38015 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
input component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38016 (access restriction bypass)

An insufficient policy enforcement security issue has been found in
the background fetch component of the Chromium browser engine before
version 96.0.4664.45.

- CVE-2021-38017 (sandbox escape)

An insufficient policy enforcement security issue has been found in
the iframe sandbox component of the Chromium browser engine before
version 96.0.4664.45.

- CVE-2021-38018 (content spoofing)

An inappropriate implementation security issue has been found in the
navigation component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38019 (same-origin policy bypass)

An insufficient policy enforcement security issue has been found in
the CORS component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38020 (information disclosure)

An insufficient policy enforcement security issue has been found in
the contacts picker component of the Chromium browser engine before
version 96.0.4664.45.

- CVE-2021-38021 (information disclosure)

An inappropriate implementation security issue has been found in the
referrer component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38022 (denial of service)

An inappropriate implementation security issue has been found in the
WebAuthentication component of the Chromium browser engine before
version 96.0.4664.45.

Impact
======

A remote attacker could execute arbitrary code, disclose sensitive
information, spoof content, bypass security restrictions or crash the
browser through crafted web content. Google is aware that exploits for
two of the security issues exist in the wild.
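
One way to confirm that a host is at or past the fixed release named under Resolution, as an added example that is not part of the original advisory. The function names and the sample versions in the loop are constructed for illustration, and GNU sort -V is assumed as a stand-in when pacman's vercmp is not on the PATH.

```shell
#!/bin/sh
# Added example: check a vivaldi package version against the fixed release
# named in this advisory. Function names are illustrative.

FIXED_VERSION="5.0.2497.24-1"   # from the Resolution section

# version_lt A B: succeed when A is strictly older than B.
# Uses pacman's vercmp when present; otherwise GNU sort -V (assumption:
# sufficient here because these versions carry no epoch).
version_lt() {
    if command -v vercmp >/dev/null 2>&1; then
        [ "$(vercmp "$1" "$2")" -lt 0 ]
    else
        [ "$1" != "$2" ] &&
            [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
    fi
}

# vivaldi_status [VERSION]: print "patched", "vulnerable" or "not-installed".
# With no argument the version is read from the local pacman database.
vivaldi_status() {
    installed="${1:-}"
    if [ -z "$installed" ]; then
        installed="$(pacman -Q vivaldi 2>/dev/null | awk '{print $2}')" || true
    fi
    if [ -z "$installed" ]; then
        echo "not-installed"
    elif version_lt "$installed" "$FIXED_VERSION"; then
        echo "vulnerable"
    else
        echo "patched"
    fi
}

# Constructed sample versions; only the fixed release comes from the advisory.
# 5.0.2497.9-1 is included because a plain string comparison would rank it
# above 5.0.2497.24-1.
for v in 5.0.2497.9-1 5.0.2497.23-1 5.0.2497.24-1 5.1.0.0-1; do
    printf '%s %s\n' "$v" "$(vivaldi_status "$v")"
done
```

Calling vivaldi_status with no argument on an Arch host reads the installed version from pacman, which makes the function usable as a post-upgrade check in fleet tooling.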