https://crbug.com/1104061

https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop_27.html

FEDORA-2020-6da740d38c

DSA-4824

GLSA-202101-30

The remote host is affected by the vulnerability described in GLSA-202101-30 (Qt WebEngine: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Qt WebEngine. Please       review the CVE identifiers referenced below for details.
  Impact :

    Please review the referenced CVE identifiers for details.
  Workaround :

    There is no known workaround at this time.

Multiple security issues were discovered in the Chromium web browser, which could result in the execution of arbitrary code, denial of service or information disclosure.

This update for opera fixes the following issues :

Update to version 70.0.3728.133

  - CHR-8053 Update chromium on desktop-stable-84-3728 to     84.0.4147.125

  - DNA-87289 Crash at views::NativeWidgetMacNSWindowHost::
    OnNativeViewHostDetach(views::View const*)

  - DNA-87831 [Linux] Sidebar panel cannot be pinned

  - DNA-88057 [Win] Black rectangle flickers at the bottom     of the page on startup

  - DNA-88157 Sidebar Messenger too low in FullScreen mode

  - DNA-88238 [macOS 10.15] Toolbar buttons not visible on     inactive tab

  - The update to chromium 84.0.4147.125 fixes following     issues :

  - CVE-2020-6542, CVE-2020-6543, CVE-2020-6544,     CVE-2020-6545, CVE-2020-6546, CVE-2020-6547,     CVE-2020-6548, CVE-2020-6549, CVE-2020-6550,     CVE-2020-6551, CVE-2020-6552, CVE-2020-6553,     CVE-2020-6554, CVE-2020-6555

  - Update to version 70.0.3728.119

  - DNA-88215 Introduce easy-setup-hint-ref feature flag

  - Update to version 70.0.3728.106

  - DNA-88014 [Mac] Toolbar in fullscreen disabled after     using fullscreen from videoplayer

  - Update to version 70.0.3728.95

  - CHR-8026 Update chromium on desktop-stable-84-3728 to     84.0.4147.105

  - DNA-86340 Wrong link to the help page

  - DNA-87394 [Big Sur] Some popovers have incorrectly     themed arrow

  - DNA-87647 [Win] The [+] button flickers after creating a     new tab

  - DNA-87794 Crash at aura::Window::SetVisible(bool)

  - DNA-87796 Search in tabs should closed on second click

  - DNA-87863 Parameter placing issue in all languages

  - The update to chromium 84.0.4147.105 fixes following     issues :

  - CVE-2020-6537, CVE-2020-6538, CVE-2020-6532,     CVE-2020-6539, CVE-2020-6540, CVE-2020-6541

Update to Chromium 85.0.4183.83. Bugs fixed, security holes patched, and features added. Hold on to your butts.

List of CVEs resolved with this update: CVE-2020-6532 CVE-2020-6537 CVE-2020-6538 CVE-2020-6539 CVE-2020-6540 CVE-2020-6541 CVE-2020-6542 CVE-2020-6543 CVE-2020-6544 CVE-2020-6545 CVE-2020-6546 CVE-2020-6547 CVE-2020-6548 CVE-2020-6549 CVE-2020-6550 CVE-2020-6551 CVE-2020-6552 CVE-2020-6553 CVE-2020-6554 CVE-2020-6555 CVE-2020-6556 CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565 CVE-2020-6566 CVE-2020-6567 CVE-2020-6568 CVE-2020-6569 CVE-2020-6570 CVE-2020-6571

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3377 advisory.

  - chromium-browser: Heap buffer overflow in background fetch (CVE-2020-6510)

  - chromium-browser: Side-channel information leakage in content security policy (CVE-2020-6511)

  - chromium-browser: Type Confusion in V8 (CVE-2020-6512, CVE-2020-6533, CVE-2020-6537)

  - chromium-browser: Heap buffer overflow in PDFium (CVE-2020-6513)

  - chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514, CVE-2020-6529)

  - chromium-browser: Use after free in tab strip (CVE-2020-6515)

  - chromium-browser: Policy bypass in CORS (CVE-2020-6516)

  - chromium-browser: Heap buffer overflow in history (CVE-2020-6517)

  - chromium-browser: Use after free in developer tools (CVE-2020-6518)

  - chromium-browser: Policy bypass in CSP (CVE-2020-6519)

  - chromium-browser: Heap buffer overflow in Skia (CVE-2020-6520, CVE-2020-6525, CVE-2020-6540)

  - chromium-browser: Side-channel information leakage in autofill (CVE-2020-6521)

  - chromium-browser: Inappropriate implementation in external protocol handlers (CVE-2020-6522)

  - chromium-browser: Out of bounds write in Skia (CVE-2020-6523)

  - chromium-browser: Heap buffer overflow in WebAudio (CVE-2020-6524)

  - chromium-browser: Inappropriate implementation in iframe sandbox (CVE-2020-6526)

  - chromium-browser: Insufficient policy enforcement in CSP (CVE-2020-6527)

  - chromium-browser: Incorrect security UI in basic auth (CVE-2020-6528)

  - chromium-browser: Out of bounds memory access in developer tools (CVE-2020-6530)

  - chromium-browser: Side-channel information leakage in scroll to text (CVE-2020-6531)

  - chromium-browser: Use after free in SCTP (CVE-2020-6532)

  - chromium-browser: Heap buffer overflow in WebRTC (CVE-2020-6534)

  - chromium-browser: Insufficient data validation in WebUI (CVE-2020-6535)

  - chromium-browser: Incorrect security UI in PWAs (CVE-2020-6536)

  - chromium-browser: Inappropriate implementation in WebView (CVE-2020-6538)

  - chromium-browser: Use after free in CSS (CVE-2020-6539)

  - chromium-browser: Use after free in WebUSB (CVE-2020-6541)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Chromium was updated to 84.0.4147.105 (boo#1174582) :

  - CVE-2020-6537: Type Confusion in V8

  - CVE-2020-6538: Inappropriate implementation in WebView

  - CVE-2020-6532: Use after free in SCTP

  - CVE-2020-6539: Use after free in CSS

  - CVE-2020-6540: Heap buffer overflow in Skia

  - CVE-2020-6541: Use after free in WebUSB

The remote host is affected by the vulnerability described in GLSA-202007-59 (Chromium, Google Chrome: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Chromium and Google       Chrome. Please review the CVE identifiers referenced below for details.
  Impact :

    Please review the referenced CVE identifiers for details.
  Workaround :

    There is no known workaround at this time.

Chrome Releases reports :

This update contains 8 security fixes, including :

- [1105318] High CVE-2020-6537: Type Confusion in V8. Reported by Alphalaab on 2020-07-14

- [1096677] High CVE-2020-6538: Inappropriate implementation in WebView. Reported by Yongke Wang(@Rudykewang) and Aryb1n(@aryb1n) of Tencent Security Xuanwu Lab on 2020-06-18

- [1104061] High CVE-2020-6532: Use after free in SCTP. Reported by Anonymous on 2020-07-09

- [1105635] High CVE-2020-6539: Use after free in CSS. Reported by Oriol Brufau on 2020-07-14

- [1105720] High CVE-2020-6540: Heap buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2020-07-15

- [1106773] High CVE-2020-6541: Use after free in WebUSB. Reported by Sergei Glazunov of Google Project Zero on 2020-07-17

The version of Google Chrome installed on the remote host is prior to 84.0.4147.105. It is, therefore, affected by multiple vulnerabilities as referenced in the 2020_07_stable-channel-update-for-desktop_27 advisory. Note that Nessus Network Monitor has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Google Chrome installed on the remote Windows host is prior to 84.0.4147.105. It is, therefore, affected by multiple vulnerabilities as referenced in the 2020_07_stable-channel-update-for-desktop_27 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Google Chrome installed on the remote macOS host is prior to 84.0.4147.105. It is, therefore, affected by multiple vulnerabilities as referenced in the 2020_07_stable-channel-update-for-desktop_27 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
145430	GLSA-202101-30 : Qt WebEngine: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
144672	Debian DSA-4824-1 : chromium - security update	Nessus	Debian Local Security Checks	high
141904	openSUSE Security Update : opera (openSUSE-2020-1320)	Nessus	SuSE Local Security Checks	high
140550	Fedora 31 : chromium (2020-88bf0a76d1)	Nessus	Fedora Local Security Checks	high
140307	Fedora 32 : chromium (2020-a1f140614b)	Nessus	Fedora Local Security Checks	high
140240	openSUSE Security Update : opera (openSUSE-2020-1324)	Nessus	SuSE Local Security Checks	high
139467	RHEL 6 : chromium-browser (RHSA-2020:3377)	Nessus	Red Hat Local Security Checks	high
139443	openSUSE Security Update : chromium (openSUSE-2020-1154)	Nessus	SuSE Local Security Checks	high
139122	GLSA-202007-59 : Chromium, Google Chrome: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
139110	FreeBSD : chromium -- multiple vulnerabilities (9a447f78-d0f8-11ea-9837-e09467587c17)	Nessus	FreeBSD Local Security Checks	high
701282	Google Chrome < 84.0.4147.105 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
139001	Google Chrome < 84.0.4147.105 Multiple Vulnerabilities	Nessus	Windows	high
139000	Google Chrome < 84.0.4147.105 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	high

CVE-2020-6532

high

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Configuration 2

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

high

high