Debian DSA-4256-1 : chromium-browser - security update

critical Nessus Plugin ID 111360

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in the chromium web browser.

- CVE-2018-4117 AhsanEjaz discovered an information leak.

- CVE-2018-6044 Rob Wu discovered a way to escalate privileges using extensions.

- CVE-2018-6150 Rob Wu discovered an information disclosure issue (this problem was fixed in a previous release but was mistakenly omitted from upstream's announcement at the time).

- CVE-2018-6151 Rob Wu discovered an issue in the developer tools (this problem was fixed in a previous release but was mistakenly omitted from upstream's announcement at the time).

- CVE-2018-6152 Rob Wu discovered an issue in the developer tools (this problem was fixed in a previous release but was mistakenly omitted from upstream's announcement at the time).

- CVE-2018-6153 Zhen Zhou discovered a buffer overflow issue in the skia library.

- CVE-2018-6154 Omair discovered a buffer overflow issue in the WebGL implementation.

- CVE-2018-6155 Natalie Silvanovich discovered a use-after-free issue in the WebRTC implementation.

- CVE-2018-6156 Natalie Silvanovich discovered a buffer overflow issue in the WebRTC implementation.

- CVE-2018-6157 Natalie Silvanovich discovered a type confusion issue in the WebRTC implementation.

- CVE-2018-6158 Zhe Jin discovered a use-after-free issue.

- CVE-2018-6159 Jun Kokatsu discovered a way to bypass the same origin policy.

- CVE-2018-6161 Jun Kokatsu discovered a way to bypass the same origin policy.

- CVE-2018-6162 Omair discovered a buffer overflow issue in the WebGL implementation.

- CVE-2018-6163 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-6164 Jun Kokatsu discovered a way to bypass the same origin policy.

- CVE-2018-6165 evil1m0 discovered a URL spoofing issue.

- CVE-2018-6166 Lynas Zhang discovered a URL spoofing issue.

- CVE-2018-6167 Lynas Zhang discovered a URL spoofing issue.

- CVE-2018-6168 Gunes Acar and Danny Y. Huang discovered a way to bypass the Cross Origin Resource Sharing policy.

- CVE-2018-6169 Sam P discovered a way to bypass permissions when installing extensions.

- CVE-2018-6170 A type confusion issue was discovered in the pdfium library.

- CVE-2018-6171 A use-after-free issue was discovered in the WebBluetooth implementation.

- CVE-2018-6172 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-6173 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-6174 Mark Brand discovered an integer overflow issue in the swiftshader library.

- CVE-2018-6175 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-6176 Jann Horn discovered a way to escalate privileges using extensions.

- CVE-2018-6177 Ron Masas discovered an information leak.

- CVE-2018-6178 Khalil Zhani discovered a user interface spoofing issue.

- CVE-2018-6179 It was discovered that information about files local to the system could be leaked to extensions.

This version also fixes a regression introduced in the previous security update that could prevent decoding of particular audio/video codecs.

Solution

Upgrade the chromium-browser packages.

For the stable distribution (stretch), these problems have been fixed in version 68.0.3440.75-1~deb9u1.

See Also

https://security-tracker.debian.org/tracker/CVE-2018-4117

https://security-tracker.debian.org/tracker/CVE-2018-6044

https://security-tracker.debian.org/tracker/CVE-2018-6150

https://security-tracker.debian.org/tracker/CVE-2018-6151

https://security-tracker.debian.org/tracker/CVE-2018-6152

https://security-tracker.debian.org/tracker/CVE-2018-6153

https://security-tracker.debian.org/tracker/CVE-2018-6154

https://security-tracker.debian.org/tracker/CVE-2018-6155

https://security-tracker.debian.org/tracker/CVE-2018-6156

https://security-tracker.debian.org/tracker/CVE-2018-6157

https://security-tracker.debian.org/tracker/CVE-2018-6158

https://security-tracker.debian.org/tracker/CVE-2018-6159

https://security-tracker.debian.org/tracker/CVE-2018-6161

https://security-tracker.debian.org/tracker/CVE-2018-6162

https://security-tracker.debian.org/tracker/CVE-2018-6163

https://security-tracker.debian.org/tracker/CVE-2018-6164

https://security-tracker.debian.org/tracker/CVE-2018-6165

https://security-tracker.debian.org/tracker/CVE-2018-6166

https://security-tracker.debian.org/tracker/CVE-2018-6167

https://security-tracker.debian.org/tracker/CVE-2018-6168

https://security-tracker.debian.org/tracker/CVE-2018-6169

https://security-tracker.debian.org/tracker/CVE-2018-6170

https://security-tracker.debian.org/tracker/CVE-2018-6171

https://security-tracker.debian.org/tracker/CVE-2018-6172

https://security-tracker.debian.org/tracker/CVE-2018-6173

https://security-tracker.debian.org/tracker/CVE-2018-6174

https://security-tracker.debian.org/tracker/CVE-2018-6175

https://security-tracker.debian.org/tracker/CVE-2018-6176

https://security-tracker.debian.org/tracker/CVE-2018-6177

https://security-tracker.debian.org/tracker/CVE-2018-6178

https://security-tracker.debian.org/tracker/CVE-2018-6179

http://www.nessus.org/u?e33901a2

https://packages.debian.org/source/stretch/chromium-browser

https://www.debian.org/security/2018/dsa-4256

Plugin Details

Severity: Critical

ID: 111360

File Name: debian_DSA-4256.nasl

Version: 1.8

Type: local

Agent: unix

Published: 7/27/2018

Updated: 7/15/2019

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.5

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Critical

Base Score: 9.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:chromium-browser, cpe:/o:debian:debian_linux:9.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 7/26/2018

Vulnerability Publication Date: 4/3/2018

Reference Information

CVE: CVE-2018-4117, CVE-2018-6044, CVE-2018-6150, CVE-2018-6151, CVE-2018-6152, CVE-2018-6153, CVE-2018-6154, CVE-2018-6155, CVE-2018-6156, CVE-2018-6157, CVE-2018-6158, CVE-2018-6159, CVE-2018-6161, CVE-2018-6162, CVE-2018-6163, CVE-2018-6164, CVE-2018-6165, CVE-2018-6166, CVE-2018-6167, CVE-2018-6168, CVE-2018-6169, CVE-2018-6170, CVE-2018-6171, CVE-2018-6172, CVE-2018-6173, CVE-2018-6174, CVE-2018-6175, CVE-2018-6176, CVE-2018-6177, CVE-2018-6178, CVE-2018-6179

DSA: 4256