MGASA-2023-0256

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2023-0256.html
Import Source
https://advisories.mageia.org/MGASA-2023-0256.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2023-0256
Related
Published
2023-09-11T13:07:54Z
Modified
2023-09-11T10:37:57Z
Summary
Updated chromium-browser-stable packages fix security vulnerability
Details

The chromium-browser-stable package has been updated to the 116.0.5845.140 release, fixing 5 vulnerabilities.

High CVE-2023-4430: Use after free in Vulkan. Reported by Cassidy Kim(@cassidy6564) on 2023-08-02

High CVE-2023-4429: Use after free in Loader. Reported by Anonymous on 2023-08-03

High CVE-2023-4428: Out of bounds memory access in CSS. Reported by Francisco Alonso (@revskills) on 2023-08-06

High CVE-2023-4427: Out of bounds memory access in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-08-07

Medium CVE-2023-4431: Out of bounds memory access in Fonts. Reported by Microsoft Security Researcher on 2023-08-01

High CVE-2023-4572: Use after free in MediaStream. Reported by fwnfwn(@_fwnfwn) on 2023-08-12

References
Credits

Affected packages

Mageia:9 / chromium-browser-stable

Package

Name
chromium-browser-stable
Purl
pkg:rpm/mageia/chromium-browser-stable?distro=mageia-9

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
116.0.5845.140-1.mga9.tainted

Ecosystem specific 

{
    "section": "tainted"
}