FreeBSD : chromium -- multiple vulnerabilities (b9c525d9-9198-11e8-beba-080027ef1a23)

critical Nessus Plugin ID 111407

Language:

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Google Chrome Releases reports :

42 security fixes in this release, including :

- [850350] High CVE-2018-6153: Stack buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2018-06-07

- [848914] High CVE-2018-6154: Heap buffer overflow in WebGL. Reported by Omair on 2018-06-01

- [842265] High CVE-2018-6155: Use after free in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2018-05-11

- [841962] High CVE-2018-6156: Heap buffer overflow in WebRTC.
Reported by Natalie Silvanovich of Google Project Zero on 2018-05-10

- [840536] High CVE-2018-6157: Type confusion in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2018-05-07

- [812667] Medium CVE-2018-6150: Cross origin information disclosure in Service Workers. Reported by Rob Wu on 2018-02-15

- [805905] Medium CVE-2018-6151: Bad cast in DevTools. Reported by Rob Wu on 2018-01-25

- [805445] Medium CVE-2018-6152: Local file write in DevTools.
Reported by Rob Wu on 2018-01-24

- [841280] Medium CVE-2018-6158: Use after free in Blink. Reported by Zhe Jin, Luyao Liu from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-05-09

- [837275] Medium CVE-2018-6159: Same origin policy bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-04-26

- [839822] Medium CVE-2018-6160: URL spoof in Chrome on iOS. Reported by evi1m0 of Bilibili Security Team on 2018-05-04

- [826552] Medium CVE-2018-6161: Same origin policy bypass in WebAudio. Reported by Jun Kokatsu (@shhnjk) on 2018-03-27

- [804123] Medium CVE-2018-6162: Heap buffer overflow in WebGL.
Reported by Omair on 2018-01-21

- [849398] Medium CVE-2018-6163: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-06-04

- [848786] Medium CVE-2018-6164: Same origin policy bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-06-01

- [847718] Medium CVE-2018-6165: URL spoof in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-05-30

- [835554] Medium CVE-2018-6166: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-04-21

- [833143] Medium CVE-2018-6167: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-04-15

- [828265] Medium CVE-2018-6168: CORS bypass in Blink. Reported by Gunes Acar and Danny Y. Huang of Princeton University, Frank Li of UC Berkeley on 2018-04-03

- [394518] Medium CVE-2018-6169: Permissions bypass in extension installation. Reported by Sam P on 2014-07-16

- [862059] Medium CVE-2018-6170: Type confusion in PDFium. Reported by Anonymous on 2018-07-10

- [851799] Medium CVE-2018-6171: Use after free in WebBluetooth.
Reported by [email protected] on 2018-06-12

- [847242] Medium CVE-2018-6172: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-05-28

- [836885] Medium CVE-2018-6173: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-04-25

- [835299] Medium CVE-2018-6174: Integer overflow in SwiftShader.
Reported by Mark Brand of Google Project Zero on 2018-04-20

- [826019] Medium CVE-2018-6175: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-03-26

- [666824] Medium CVE-2018-6176: Local user privilege escalation in Extensions. Reported by Jann Horn of Google Project Zero on 2016-11-18

- [826187] Low CVE-2018-6177: Cross origin information leak in Blink.
Reported by Ron Masas (Imperva) on 2018-03-27

- [823194] Low CVE-2018-6178: UI spoof in Extensions. Reported by Khalil Zhani on 2018-03-19

- [816685] Low CVE-2018-6179: Local file information leak in Extensions. Reported by Anonymous on 2018-02-26

- [797461] Low CVE-2018-6044: Request privilege escalation in Extensions. Reported by Wob Wu on 2017-12-23

- [791324] Low CVE-2018-4117: Cross origin information leak in Blink.
Reported by AhsanEjaz - @AhsanEjazA on 2017-12-03

- [866821] Various fixes from internal audits, fuzzing and other initiatives

Solution

Update the affected package.

See Also

http://www.nessus.org/u?89d1144b

http://www.nessus.org/u?47311ecc

Plugin Details

Severity: Critical

ID: 111407

File Name: freebsd_pkg_b9c525d9919811e8beba080027ef1a23.nasl

Version: 1.6

Type: local

Published: 7/30/2018

Updated: 7/10/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.5

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Critical

Base Score: 9.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:chromium, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 7/27/2018

Vulnerability Publication Date: 7/24/2018

Reference Information

CVE: CVE-2018-4117, CVE-2018-6044, CVE-2018-6150, CVE-2018-6151, CVE-2018-6152, CVE-2018-6153, CVE-2018-6154, CVE-2018-6155, CVE-2018-6156, CVE-2018-6157, CVE-2018-6158, CVE-2018-6159, CVE-2018-6160, CVE-2018-6161, CVE-2018-6162, CVE-2018-6163, CVE-2018-6164, CVE-2018-6165, CVE-2018-6166, CVE-2018-6167, CVE-2018-6168, CVE-2018-6169, CVE-2018-6170, CVE-2018-6171, CVE-2018-6172, CVE-2018-6173, CVE-2018-6174, CVE-2018-6175, CVE-2018-6176, CVE-2018-6177, CVE-2018-6178, CVE-2018-6179