102196

RHSA-2017:3479

https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop_14.html

https://crbug.com/788453

GLSA-201801-03

DSA-4103

A QtWebEngine security update backporting security fixes from Chromium 65 (up to 65.0.3325.146). (The backports have been forward-ported from QtWebEngine 5.9.5 LTS.)

This update fixes the following security issues :

  - CVE-2017-15429

  - CVE-2018-6033 (claimed fixed in 5.10.1, but the fix was     incomplete and had no effect; this update adds the     missing part to make the fix effective)

  - CVE-2018-6060

  - CVE-2018-6062

  - CVE-2018-6064

  - CVE-2018-6069

  - CVE-2018-6071

  - CVE-2018-6073

  - CVE-2018-6076

  - CVE-2018-6079

  - CVE-2018-6081

  - CVE-2018-6082

  - Chromium (security) Bug 770734

  - Chromium (security) Bug 774833

  - Chromium (security) Bug 798410

  - Chromium (security) Bug 789764

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of Google Chrome installed on the remote host is prior to 63.0.3239.108, and is affected by multiple vulnerabilities :

 - A flaw exists that allows a universal cross-site scripting (XSS) attack. This flaw exists exists because the program does not validate input before returning it to users. This may allow a context-dependent attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server.
 - A use-after-free error exists in the 'DnsTransactionImpl::MakeTCPAttempt()' function in 'net/dns/dns_transaction.cc' that is triggered when handling DNS responses. This that may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code.

Several vulnerabilities have been discovered in the chromium web browser.

  - CVE-2017-15420     Drew Springall discovered a URL spoofing issue.

  - CVE-2017-15429     A cross-site scripting issue was discovered in the v8     JavaScript library.

  - CVE-2018-6031     A use-after-free issue was discovered in the pdfium     library.

  - CVE-2018-6032     Jun Kokatsu discovered a way to bypass the same origin     policy.

  - CVE-2018-6033     Juho Nurminen discovered a race condition when opening     downloaded files.

  - CVE-2018-6034     Tobias Klein discovered an integer overflow issue.

  - CVE-2018-6035     Rob Wu discovered a way for extensions to access     devtools.

  - CVE-2018-6036     UK's National Cyber Security Centre discovered an     integer overflow issue.

  - CVE-2018-6037     Paul Stone discovered an issue in the autofill feature.

  - CVE-2018-6038     cloudfuzzer discovered a buffer overflow issue.

  - CVE-2018-6039     Juho Nurminen discovered a cross-site scripting issue in     the developer tools.

  - CVE-2018-6040     WenXu Wu discovered a way to bypass the content security     policy.

  - CVE-2018-6041     Luan Herrera discovered a URL spoofing issue.

  - CVE-2018-6042     Khalil Zhani discovered a URL spoofing issue.

  - CVE-2018-6043     A character escaping issue was discovered.

  - CVE-2018-6045     Rob Wu discovered a way for extensions to access     devtools.

  - CVE-2018-6046     Rob Wu discovered a way for extensions to access     devtools.

  - CVE-2018-6047     Masato Kinugawa discovered an information leak issue.

  - CVE-2018-6048     Jun Kokatsu discovered a way to bypass the referrer     policy.

  - CVE-2018-6049     WenXu Wu discovered a user interface spoofing issue.

  - CVE-2018-6050     Jonathan Kew discovered a URL spoofing issue.

  - CVE-2018-6051     Antonio Sanso discovered an information leak issue.

  - CVE-2018-6052     Tanner Emek discovered that the referrer policy     implementation was incomplete.

  - CVE-2018-6053     Asset Kabdenov discovered an information leak issue.

  - CVE-2018-6054     Rob Wu discovered a use-after-free issue.

Google Chrome Releases reports :

2 security fixes in this release, including :

- [788453] High CVE-2017-15429: UXSS in V8. Reported by Anonymous on 2017-11-24

- [794792] Various fixes from internal audits, fuzzing and other initiatives

Security fix for CVE-2017-15412 CVE-2017-15422 CVE-2017-15407 CVE-2017-15408 CVE-2017-15409 CVE-2017-15410 CVE-2017-15411 CVE-2017-15413 CVE-2017-15415 CVE-2017-15416 CVE-2017-15417 CVE-2017-15418 CVE-2017-15419 CVE-2017-15420 CVE-2017-15423 CVE-2017-15424 CVE-2017-15425 CVE-2017-15426 CVE-2017-15427 CVE-2017-15429

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote host is affected by the vulnerability described in GLSA-201801-03 (Chromium, Google Chrome: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Chromium and Google       Chrome. Please review the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could possibly execute arbitrary code with the       privileges of the process, cause a Denial of Service condition, bypass       content security controls, or conduct URL spoofing.
  Workaround :

    There are no known workarounds at this time.

Security fix for CVE-2017-15412 CVE-2017-15422 CVE-2017-15407 CVE-2017-15408 CVE-2017-15409 CVE-2017-15410 CVE-2017-15411 CVE-2017-15413 CVE-2017-15415 CVE-2017-15416 CVE-2017-15417 CVE-2017-15418 CVE-2017-15419 CVE-2017-15420 CVE-2017-15423 CVE-2017-15424 CVE-2017-15425 CVE-2017-15426 CVE-2017-15427 CVE-2017-15429

----

Security fix for CVE-2017-15398, CVE-2017-15399

----

Security fix for CVE-2017-15386 CVE-2017-15387 CVE-2017-15388 CVE-2017-15389 CVE-2017-15390 CVE-2017-15391 CVE-2017-15392 CVE-2017-15393 CVE-2017-15394 CVE-2017-15395 CVE-2017-5124 CVE-2017-5125 CVE-2017-5126 CVE-2017-5127.

Build switched to use gtk3.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of Google Chrome installed on the remote macOS or Mac OS X host is prior to 63.0.3239.108. It is, therefore, affected by multiple vulnerabilities as noted in Chrome stable channel update release notes for Thursday, December 14, 2017. Please refer to the release notes for additional information.

Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.

The version of Google Chrome installed on the remote Windows host is prior to 63.0.3239.108. It is, therefore, affected by multiple vulnerabilities as noted in Chrome stable channel update release notes for Thursday, December 14, 2017. Please refer to the release notes for additional information.

Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Chromium is an open source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 63.0.3239.108.

Security Fix(es) :

* A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2017-15429)

This update to Chromium 63.0.3239.108 fixes the following issues :

  - CVE-2017-15429: UXSS in V8 (bsc#1072976)

  - Various fuzzing fixes

ID	Name	Product	Family	Severity
120733	Fedora 28 : qt5-qtwebengine (2018-b844991a97)	Nessus	Fedora Local Security Checks	medium
700350	Google Chrome < 63.0.3239.108 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
108616	Fedora 27 : qt5-qtwebengine (2018-44e1c23700)	Nessus	Fedora Local Security Checks	medium
108612	Fedora 26 : qt5-qtwebengine (2018-024afa2d48)	Nessus	Fedora Local Security Checks	medium
106537	Debian DSA-4103-1 : chromium-browser - security update	Nessus	Debian Local Security Checks	medium
106238	FreeBSD : chromium -- multiple vulnerabilities (e264e74e-ffe0-11e7-8b91-e8e0b747a45a)	Nessus	FreeBSD Local Security Checks	medium
105968	Fedora 27 : chromium (2017-c2645aa935)	Nessus	Fedora Local Security Checks	medium
105629	GLSA-201801-03 : Chromium, Google Chrome: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	medium
105501	Fedora 26 : chromium (2017-ea44f172e3)	Nessus	Fedora Local Security Checks	high
105357	Google Chrome < 63.0.3239.108 Multiple Vulnerabilities (macOS)	Nessus	MacOS X Local Security Checks	medium
105356	Google Chrome < 63.0.3239.108 Multiple Vulnerabilities	Nessus	Windows	medium
105345	RHEL 6 : chromium-browser (RHSA-2017:3479)	Nessus	Red Hat Local Security Checks	medium
105340	openSUSE Security Update : chromium (openSUSE-2017-1380)	Nessus	SuSE Local Security Checks	medium

CVE-2017-15429

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Tenable Plugins