https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop.html

https://crbug.com/1108351

openSUSE-SU-2020:1829

FEDORA-2020-127d40f1ab

FEDORA-2020-8aca25b5c8

FEDORA-2020-4e8e48da22

DSA-4824

GLSA-202101-30

The remote host is affected by the vulnerability described in GLSA-202101-30 (Qt WebEngine: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Qt WebEngine. Please       review the CVE identifiers referenced below for details.
  Impact :

    Please review the referenced CVE identifiers for details.
  Workaround :

    There is no known workaround at this time.

Multiple security issues were discovered in the Chromium web browser, which could result in the execution of arbitrary code, denial of service or information disclosure.

Update to 86.0.4240.183.

Fixes the following security issues: CVE-2020-16004 CVE-2020-16005 CVE-2020-16006 CVE-2020-16008 CVE-2020-16009

Also disables the very verbose output going to stdout.

----

Update to Chromium 86. A few big things here :

1. Upstream has made hardware accelerated video support (VAAPI) for Linux possible without patches. One key difference is that the patchset used previously in Fedora enabled it by default and upstream's approach disables it by default. To enable Hardware accelerated video in chromium, open this link in chromium :

chrome://flags/#enable-accelerated-video-decode

Be sure it is turned on. Note that not all GPUs are supported.

2. All the security fixes you expect with a major release:
CVE-2020-15967 CVE-2020-15968 CVE-2020-15969 CVE-2020-15970 CVE-2020-15971 CVE-2020-15972 CVE-2020-15990 CVE-2020-15991 CVE-2020-15973 CVE-2020-15974 CVE-2020-15975 CVE-2020-15976 CVE-2020-6557 CVE-2020-15977 CVE-2020-15978 CVE-2020-15979 CVE-2020-15980 CVE-2020-15981 CVE-2020-15982 CVE-2020-15983 CVE-2020-15984 CVE-2020-15985 CVE-2020-15986 CVE-2020-15987 CVE-2020-15992 CVE-2020-15988 CVE-2020-15989 CVE-2020-16000 CVE-2020-16001 CVE-2020-16002 CVE-2020-16003

3. Without bats acting as pollinators, agave and cacao plants would struggle. That means that bats are responsible for tequila and chocolate.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Update to Chromium 86. A few big things here :

1. Upstream has made hardware accelerated video support (VAAPI) for Linux possible without patches. One key difference is that the patchset used previously in Fedora enabled it by default and upstream's approach disables it by default. To enable Hardware accelerated video in chromium, open this link in chromium :

chrome://flags/#enable-accelerated-video-decode

Be sure it is turned on. Note that not all GPUs are supported.

2. All the security fixes you expect with a major release:
CVE-2020-15967 CVE-2020-15968 CVE-2020-15969 CVE-2020-15970 CVE-2020-15971 CVE-2020-15972 CVE-2020-15990 CVE-2020-15991 CVE-2020-15973 CVE-2020-15974 CVE-2020-15975 CVE-2020-15976 CVE-2020-6557 CVE-2020-15977 CVE-2020-15978 CVE-2020-15979 CVE-2020-15980 CVE-2020-15981 CVE-2020-15982 CVE-2020-15983 CVE-2020-15984 CVE-2020-15985 CVE-2020-15986 CVE-2020-15987 CVE-2020-15992 CVE-2020-15988 CVE-2020-15989 CVE-2020-16000 CVE-2020-16001 CVE-2020-16002 CVE-2020-16003

3. Without bats acting as pollinators, agave and cacao plants would struggle. That means that bats are responsible for tequila and chocolate.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for chromium fixes the following issues :

-chromium was updated to 86.0.4240.75 (boo#1177408) :

  - CVE-2020-15967: Fixed Use after free in payments.

  - CVE-2020-15968: Fixed Use after free in Blink.

  - CVE-2020-15969: Fixed Use after free in WebRTC. 

  - CVE-2020-15970: Fixed Use after free in NFC.

  - CVE-2020-15971: Fixed Use after free in printing. 

  - CVE-2020-15972: Fixed Use after free in audio. 

  - CVE-2020-15990: Fixed Use after free in autofill. 

  - CVE-2020-15991: Fixed Use after free in password     manager.

  - CVE-2020-15973: Fixed Insufficient policy enforcement in     extensions.

  - CVE-2020-15974: Fixed Integer overflow in Blink. 

  - CVE-2020-15975: Fixed Integer overflow in SwiftShader. 

  - CVE-2020-15976: Fixed Use after free in WebXR. 

  - CVE-2020-6557: Fixed Inappropriate implementation in     networking. 

  - CVE-2020-15977: Fixed Insufficient data validation in     dialogs.

  - CVE-2020-15978: Fixed Insufficient data validation in     navigation.

  - CVE-2020-15979: Fixed Inappropriate implementation in     V8.

  - CVE-2020-15980: Fixed Insufficient policy enforcement in     Intents.

  - CVE-2020-15981: Fixed Out of bounds read in audio. 

  - CVE-2020-15982: Fixed Side-channel information leakage     in cache. 

  - CVE-2020-15983: Fixed Insufficient data validation in     webUI.

  - CVE-2020-15984: Fixed Insufficient policy enforcement in     Omnibox. 

  - CVE-2020-15985: Fixed Inappropriate implementation in     Blink. 

  - CVE-2020-15986: Fixed Integer overflow in media. 

  - CVE-2020-15987: Fixed Use after free in WebRTC. 

  - CVE-2020-15992: Fixed Insufficient policy enforcement in     networking. 

  - CVE-2020-15988: Fixed Insufficient policy enforcement in     downloads.

  - CVE-2020-15989: Fixed Uninitialized Use in PDFium.

The remote host is affected by the vulnerability described in GLSA-202010-01 (Chromium, Google Chrome: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Chromium and Google       Chrome. Please review the CVE identifiers referenced below for details.
  Impact :

    Please review the referenced CVE identifiers for details.
  Workaround :

    There is no known workaround at this time.

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4235 advisory.

  - chromium-browser: Use after free in payments (CVE-2020-15967)

  - chromium-browser: Use after free in Blink (CVE-2020-15968)

  - chromium-browser: Use after free in WebRTC (CVE-2020-15969, CVE-2020-15987)

  - chromium-browser: Use after free in NFC (CVE-2020-15970)

  - chromium-browser: Use after free in printing (CVE-2020-15971)

  - chromium-browser: Use after free in audio (CVE-2020-15972)

  - chromium-browser: Insufficient policy enforcement in extensions (CVE-2020-15973)

  - chromium-browser: Integer overflow in Blink (CVE-2020-15974)

  - chromium-browser: Integer overflow in SwiftShader (CVE-2020-15975)

  - chromium-browser: Use after free in WebXR (CVE-2020-15976)

  - chromium-browser: Insufficient data validation in dialogs (CVE-2020-15977)

  - chromium-browser: Insufficient data validation in navigation (CVE-2020-15978)

  - chromium-browser: Inappropriate implementation in V8 (CVE-2020-15979)

  - chromium-browser: Insufficient policy enforcement in Intents (CVE-2020-15980)

  - chromium-browser: Out of bounds read in audio (CVE-2020-15981)

  - chromium-browser: Side-channel information leakage in cache (CVE-2020-15982)

  - chromium-browser: Insufficient data validation in webUI (CVE-2020-15983)

  - chromium-browser: Insufficient policy enforcement in Omnibox (CVE-2020-15984)

  - chromium-browser: Inappropriate implementation in Blink (CVE-2020-15985)

  - chromium-browser: Integer overflow in media (CVE-2020-15986)

  - chromium-browser: Insufficient policy enforcement in downloads (CVE-2020-15988)

  - chromium-browser: Uninitialized use in PDFium (CVE-2020-15989)

  - chromium-browser: Use after free in autofill (CVE-2020-15990)

  - chromium-browser: Use after free in password manager (CVE-2020-15991)

  - chromium-browser: Insufficient policy enforcement in networking (CVE-2020-15992)

  - chromium-browser: Inappropriate implementation in networking (CVE-2020-6557)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Microsoft Edge installed on the remote Windows host is prior to 86.0.622.38. It is, therefore, affected by multiple vulnerabilities as referenced in the ADV200002-10-8-2020 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Chrome releases reports :

This release contains 35 security fixes, including :

- [1127322] Critical CVE-2020-15967: Use after free in payments.
Reported by Man Yue Mo of GitHub Security Lab on 2020-09-11

- [1126424] High CVE-2020-15968: Use after free in Blink. Reported by Anonymous on 2020-09-09

- [1124659] High CVE-2020-15969: Use after free in WebRTC. Reported by Anonymous on 2020-09-03

- [1108299] High CVE-2020-15970: Use after free in NFC. Reported by Man Yue Mo of GitHub Security Lab on 2020-07-22

- [1114062] High CVE-2020-15971: Use after free in printing. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-08-07

- [1115901] High CVE-2020-15972: Use after free in audio. Reported by Anonymous on 2020-08-13

- [1133671] High CVE-2020-15990: Use after free in autofill. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 on 2020-09-30

- [1133688] High CVE-2020-15991: Use after free in password manager.
Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 on 2020-09-30

- [1106890] Medium CVE-2020-15973: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-07-17

- [1104103] Medium CVE-2020-15974: Integer overflow in Blink. Reported by Juno Im (junorouse) of Theori on 2020-07-10

- [1110800] Medium CVE-2020-15975: Integer overflow in SwiftShader.
Reported by Anonymous on 2020-07-29

- [1123522] Medium CVE-2020-15976: Use after free in WebXR. Reported by YoungJoo Lee (@ashuu_lee) of Raon Whitehat on 2020-08-31

- [1083278] Medium CVE-2020-6557: Inappropriate implementation in networking. Reported by Matthias Gierlings and Marcus Brinkmann (NDS Ruhr-University Bochum) on 2020-05-15

- [1097724] Medium CVE-2020-15977: Insufficient data validation in dialogs. Reported by Narendra Bhati (@imnarendrabhati) on 2020-06-22

- [1116280] Medium CVE-2020-15978: Insufficient data validation in navigation. Reported by Luan Herrera (@lbherrera_) on 2020-08-14

- [1127319] Medium CVE-2020-15979: Inappropriate implementation in V8.
Reported by Avihay Cohen (@SeraphicAlgorithms) on 2020-09-11

- [1092453] Medium CVE-2020-15980: Insufficient policy enforcement in Intents. Reported by Yongke Wang (@Rudykewang) and Aryb1n (@aryb1n) of Tencent Security Xuanwu Lab on 2020-06-08

- [1123023] Medium CVE-2020-15981: Out of bounds read in audio.
Reported by Christoph Guttandin on 2020-08-28

- [1039882] Medium CVE-2020-15982: Side-channel information leakage in cache. Reported by Luan Herrera (@lbherrera_) on 2020-01-07

- [1076786] Medium CVE-2020-15983: Insufficient data validation in webUI. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-04-30

- [1080395] Medium CVE-2020-15984: Insufficient policy enforcement in Omnibox. Reported by Rayyan Bijoora on 2020-05-07

- [1099276] Medium CVE-2020-15985: Inappropriate implementation in Blink. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2020-06-25

- [1100247] Medium CVE-2020-15986: Integer overflow in media. Reported by Mark Brand of Google Project Zero on 2020-06-29

- [1127774] Medium CVE-2020-15987: Use after free in WebRTC. Reported by Philipp Hancke on 2020-09-14

- [1110195] Medium CVE-2020-15992: Insufficient policy enforcement in networking. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-07-28

- [1092518] Low CVE-2020-15988: Insufficient policy enforcement in downloads. Reported by Samuel Attard on 2020-06-08

- [1108351] Low CVE-2020-15989: Uninitialized Use in PDFium. Reported by Gareth Evans (Microsoft) on 2020-07-22

The version of Google Chrome installed on the remote macOS host is prior to 86.0.4240.75. It is, therefore, affected by multiple vulnerabilities as referenced in the 2020_10_stable-channel-update-for-desktop advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Google Chrome installed on the remote Windows host is prior to 86.0.4240.75. It is, therefore, affected by multiple vulnerabilities as referenced in the 2020_10_stable-channel-update-for-desktop advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
145430	GLSA-202101-30 : Qt WebEngine: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
144672	Debian DSA-4824-1 : chromium - security update	Nessus	Debian Local Security Checks	high
142955	Fedora 33 : chromium (2020-4e8e48da22)	Nessus	Fedora Local Security Checks	high
142587	Fedora 32 : chromium (2020-127d40f1ab)	Nessus	Fedora Local Security Checks	high
142542	Fedora 31 : chromium (2020-8aca25b5c8)	Nessus	Fedora Local Security Checks	high
141840	openSUSE Security Update : chromium (openSUSE-2020-1705)	Nessus	SuSE Local Security Checks	high
141505	GLSA-202010-01 : Chromium, Google Chrome: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
141453	RHEL 6 : chromium-browser (RHSA-2020:4235)	Nessus	Red Hat Local Security Checks	high
141363	Microsoft Edge (Chromium) < 86.0.622.38 Multiple Vulnerabilities	Nessus	Windows	high
141284	FreeBSD : chromium -- multiple vulnerabilities (64988354-0889-11eb-a01b-e09467587c17)	Nessus	FreeBSD Local Security Checks	high
141195	Google Chrome < 86.0.4240.75 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	high
141194	Google Chrome < 86.0.4240.75 Multiple Vulnerabilities	Nessus	Windows	high

CVE-2020-15989

medium

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Configuration 4

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

high