https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html

https://crbug.com/976627

The remote host is affected by the vulnerability described in GLSA-201908-18 (Chromium, Google Chrome: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Chromium and Google       Chrome. Please review the referenced CVE identifiers and Google Chrome       Releases for details.
  Impact :

    Please review the referenced CVE identifiers for details.
  Workaround :

    There is no known workaround at this time.

Several vulnerabilities have been discovered in the chromium web browser.

  - CVE-2019-5805     A use-after-free issue was discovered in the pdfium     library.

  - CVE-2019-5806     Wen Xu discovered an integer overflow issue in the Angle     library.

  - CVE-2019-5807     TimGMichaud discovered a memory corruption issue in the     v8 JavaScript library.

  - CVE-2019-5808     cloudfuzzer discovered a use-after-free issue in     Blink/Webkit.

  - CVE-2019-5809     Mark Brand discovered a use-after-free issue in     Blink/Webkit.

  - CVE-2019-5810     Mark Amery discovered an information disclosure issue.

  - CVE-2019-5811     Jun Kokatsu discovered a way to bypass the Cross-Origin     Resource Sharing feature.

  - CVE-2019-5813     Aleksandar Nikolic discovered an out-of-bounds read     issue in the v8 JavaScript library.

  - CVE-2019-5814     @AaylaSecura1138 discovered a way to bypass the     Cross-Origin Resource Sharing feature.

  - CVE-2019-5815     Nicolas Gregoire discovered a buffer overflow issue in     Blink/Webkit.

  - CVE-2019-5818     Adrian Tolbaru discovered an uninitialized value issue.

  - CVE-2019-5819     Svyat Mitin discovered an error in the developer tools.

  - CVE-2019-5820     pdknsk discovered an integer overflow issue in the     pdfium library.

  - CVE-2019-5821     pdknsk discovered another integer overflow issue in the     pdfium library.

  - CVE-2019-5822     Jun Kokatsu discovered a way to bypass the Cross-Origin     Resource Sharing feature.

  - CVE-2019-5823     David Erceg discovered a navigation error.

  - CVE-2019-5824     leecraso and Guang Gong discovered an error in the media     player.

  - CVE-2019-5825     Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu     discovered an out-of-bounds write issue in the v8     JavaScript library.

  - CVE-2019-5826     Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu     discovered a use-after-free issue.

  - CVE-2019-5827     mlfbrown discovered an out-of-bounds read issue in the     sqlite library.

  - CVE-2019-5828     leecraso and Guang Gong discovered a use-after-free     issue.

  - CVE-2019-5829     Lucas Pinheiro discovered a use-after-free issue.

  - CVE-2019-5830     Andrew Krashichkov discovered a credential error in the     Cross-Origin Resource Sharing feature.

  - CVE-2019-5831     yngwei discovered a map error in the v8 JavaScript     library.

  - CVE-2019-5832     Sergey Shekyan discovered an error in the Cross-Origin     Resource Sharing feature.

  - CVE-2019-5833     Khalil Zhani discovered a user interface error.

  - CVE-2019-5834     Khalil Zhani discovered a URL spoofing issue.

  - CVE-2019-5836     Omair discovered a buffer overflow issue in the Angle     library.

  - CVE-2019-5837     Adam Iawniuk discovered an information disclosure issue.

  - CVE-2019-5838     David Erceg discovered an error in extension     permissions.

  - CVE-2019-5839     Masato Kinugawa discovered implementation errors in     Blink/Webkit.

  - CVE-2019-5840     Eliya Stein and Jerome Dangu discovered a way to bypass     the popup blocker.

  - CVE-2019-5842     BUGFENSE discovered a use-after-free issue in     Blink/Webkit.

  - CVE-2019-5847     m3plex discovered an error in the v8 JavaScript library.

  - CVE-2019-5848     Mark Amery discovered an information disclosure issue.

  - CVE-2019-5849     Zhen Zhou discovered an out-of-bounds read in the Skia     library.

  - CVE-2019-5850     Brendon Tiszka discovered a use-after-free issue in the     offline page fetcher.

  - CVE-2019-5851     Zhe Jin discovered a use-after-poison issue.

  - CVE-2019-5852     David Erceg discovered an information disclosure issue.

  - CVE-2019-5853     Yngwei and sakura discovered a memory corruption issue.

  - CVE-2019-5854     Zhen Zhou discovered an integer overflow issue in the     pdfium library.

  - CVE-2019-5855     Zhen Zhou discovered an integer overflow issue in the     pdfium library.

  - CVE-2019-5856     Yongke Wang discovered an error related to filesystem:
    URI permissions.

  - CVE-2019-5857     cloudfuzzer discovered a way to crash chromium.

  - CVE-2019-5858     evil1m0 discovered an information disclosure issue.

  - CVE-2019-5859     James Lee discovered a way to launch alternative     browsers.

  - CVE-2019-5860     A use-after-free issue was discovered in the v8     JavaScript library.

  - CVE-2019-5861     Robin Linus discovered an error determining click     location.

  - CVE-2019-5862     Jun Kokatsu discovered an error in the AppCache     implementation.

  - CVE-2019-5864     Devin Grindle discovered an error in the Cross-Origin     Resourse Sharing feature for extensions.

  - CVE-2019-5865     Ivan Fratric discovered a way to bypass the site     isolation feature.

  - CVE-2019-5867     Lucas Pinheiro discovered an out-of-bounds read issue in     the v8 JavaScript library.

  - CVE-2019-5868     banananapenguin discovered a use-after-free issue in the     v8 JavaScript library.

This update for chromium to version 76.0.3809.87 fixes the following issues :

  - CVE-2019-5850: Use-after-free in offline page fetcher     (boo#1143492)

  - CVE-2019-5860: Use-after-free in PDFium (boo#1143492)

  - CVE-2019-5853: Memory corruption in regexp length check     (boo#1143492)

  - CVE-2019-5851: Use-after-poison in offline audio context     (boo#1143492)

  - CVE-2019-5859: res: URIs can load alternative browsers     (boo#1143492)

  - CVE-2019-5856: Insufficient checks on filesystem: URI     permissions (boo#1143492)

  - CVE-2019-5855: Integer overflow in PDFium (boo#1143492)

  - CVE-2019-5865: Site isolation bypass from compromised     renderer (boo#1143492)

  - CVE-2019-5858: Insufficient filtering of Open URL     service parameters (boo#1143492)

  - CVE-2019-5864: Insufficient port filtering in CORS for     extensions (boo#1143492)

  - CVE-2019-5862: AppCache not robust to compromised     renderers (boo#1143492)

  - CVE-2019-5861: Click location incorrectly checked     (boo#1143492)

  - CVE-2019-5857: Comparison of -0 and null yields crash     (boo#1143492)

  - CVE-2019-5854: Integer overflow in PDFium text rendering     (boo#1143492)

  - CVE-2019-5852: Object leak of utility functions     (boo#1143492)

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Chromium is an open source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 76.0.3809.87.

Security Fix(es) :

* chromium-browser: Use-after-free in offline page fetcher (CVE-2019-5850)

* chromium-browser: Use-after-poison in offline audio context (CVE-2019-5851)

* chromium-browser: Memory corruption in regexp length check (CVE-2019-5853)

* chromium-browser: res: URIs can load alternative browsers (CVE-2019-5859)

* chromium-browser: Use-after-free in PDFium (CVE-2019-5860)

* chromium-browser: Integer overflow in PDFium (CVE-2019-5855)

* chromium-browser: Insufficient checks on filesystem: URI permissions (CVE-2019-5856)

* chromium-browser: Site isolation bypass from compromised renderer (CVE-2019-5865)

* chromium-browser: Object leak of utility functions (CVE-2019-5852)

* chromium-browser: Integer overflow in PDFium text rendering (CVE-2019-5854)

* chromium-browser: Comparison of -0 and null yields crash (CVE-2019-5857)

* chromium-browser: Insufficient filtering of Open URL service parameters (CVE-2019-5858)

* chromium-browser: Click location incorrectly checked (CVE-2019-5861)

* chromium-browser: AppCache not robust to compromised renderers (CVE-2019-5862)

* chromium-browser: Insufficient port filtering in CORS for extensions (CVE-2019-5864)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

The version of Google Chrome installed on the remote Windows host is prior to 76.0.3809.87. It is, therefore, affected by multiple vulnerabilities as referenced in the 2019_07_stable-channel-update-for-desktop_30 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Google Chrome installed on the remote macOS host is prior to 76.0.3809.87. It is, therefore, affected by multiple vulnerabilities as referenced in the 2019_07_stable-channel-update-for-desktop_30 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
127967	GLSA-201908-18 : Chromium, Google Chrome: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	medium
127868	Debian DSA-4500-1 : chromium - security update	Nessus	Debian Local Security Checks	medium
127837	openSUSE Security Update : chromium (openSUSE-2019-1849)	Nessus	SuSE Local Security Checks	medium
127836	openSUSE Security Update : chromium (openSUSE-2019-1848)	Nessus	SuSE Local Security Checks	medium
127828	RHEL 6 : chromium-browser (RHSA-2019:2427)	Nessus	Red Hat Local Security Checks	medium
127120	Google Chrome < 76.0.3809.87 Multiple Vulnerabilities	Nessus	Windows	medium
127119	Google Chrome < 76.0.3809.87 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	medium

CVE-2019-5853

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Tenable Plugins