openSUSE-SU-2020:1499

openSUSE-SU-2020:1510

openSUSE-SU-2020:1514

https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop_25.html

https://crbug.com/1104628

FEDORA-2020-6da740d38c

DSA-4824

Multiple security issues were discovered in the Chromium web browser, which could result in the execution of arbitrary code, denial of service or information disclosure.

This update for chromium fixes the following issues :

Chromium was updated to version 85.0.4183.102 (bsc#1176306) fixing :

  - CVE-2020-6573: Use after free in video.

  - CVE-2020-6574: Insufficient policy enforcement in     installer. 

  - CVE-2020-6575: Race in Mojo.

  - CVE-2020-6576: Use after free in offscreen canvas. 

  - CVE-2020-15959: Insufficient policy enforcement in     networking.

Chromium was updated to version 85.0.4183.83 (boo#1175757) fixing :

  - CVE-2020-6558: Insufficient policy enforcement in iOS

  - CVE-2020-6559: Use after free in presentation API

  - CVE-2020-6560: Insufficient policy enforcement in     autofill

  - CVE-2020-6561: Inappropriate implementation in Content     Security Policy

  - CVE-2020-6562: Insufficient policy enforcement in Blink

  - CVE-2020-6563: Insufficient policy enforcement in intent     handling.

  - CVE-2020-6564: Incorrect security UI in permissions

  - CVE-2020-6565: Incorrect security UI in Omnibox.

  - CVE-2020-6566: Insufficient policy enforcement in media.

  - CVE-2020-6567: Insufficient validation of untrusted     input in command line handling.

  - CVE-2020-6568: Insufficient policy enforcement in intent     handling.

  - CVE-2020-6569: Integer overflow in WebUSB.

  - CVE-2020-6570: Side-channel information leakage in     WebRTC.

  - CVE-2020-6571: Incorrect security UI in Omnibox.

Update to Chromium 85.0.4183.83. Bugs fixed, security holes patched, and features added. Hold on to your butts.

List of CVEs resolved with this update: CVE-2020-6532 CVE-2020-6537 CVE-2020-6538 CVE-2020-6539 CVE-2020-6540 CVE-2020-6541 CVE-2020-6542 CVE-2020-6543 CVE-2020-6544 CVE-2020-6545 CVE-2020-6546 CVE-2020-6547 CVE-2020-6548 CVE-2020-6549 CVE-2020-6550 CVE-2020-6551 CVE-2020-6552 CVE-2020-6553 CVE-2020-6554 CVE-2020-6555 CVE-2020-6556 CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565 CVE-2020-6566 CVE-2020-6567 CVE-2020-6568 CVE-2020-6569 CVE-2020-6570 CVE-2020-6571

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3723 advisory.

  - chromium-browser: Use after free in presentation API (CVE-2020-6559)

  - chromium-browser: Insufficient policy enforcement in autofill (CVE-2020-6560)

  - chromium-browser: Inappropriate implementation in Content Security Policy (CVE-2020-6561)

  - chromium-browser: Insufficient policy enforcement in Blink (CVE-2020-6562)

  - chromium-browser: Insufficient policy enforcement in intent handling (CVE-2020-6563, CVE-2020-6568)

  - chromium-browser: Incorrect security UI in permissions (CVE-2020-6564)

  - chromium-browser: Incorrect security UI in Omnibox (CVE-2020-6565, CVE-2020-6571)

  - chromium-browser: Insufficient policy enforcement in media (CVE-2020-6566)

  - chromium-browser: Insufficient validation of untrusted input in command line handling (CVE-2020-6567)

  - chromium-browser: Integer overflow in WebUSB (CVE-2020-6569)

  - chromium-browser: Side-channel information leakage in WebRTC (CVE-2020-6570)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

This update for chromium fixes the following issues :

Chromium was updated to version 85.0.4183.83 (boo#1175757) fixing :

  - CVE-2020-6558: Insufficient policy enforcement in iOS

  - CVE-2020-6559: Use after free in presentation API

  - CVE-2020-6560: Insufficient policy enforcement in     autofill

  - CVE-2020-6561: Inappropriate implementation in Content     Security Policy

  - CVE-2020-6562: Insufficient policy enforcement in Blink

  - CVE-2020-6563: Insufficient policy enforcement in intent     handling.

  - CVE-2020-6564: Incorrect security UI in permissions

  - CVE-2020-6565: Incorrect security UI in Omnibox.

  - CVE-2020-6566: Insufficient policy enforcement in media. 

  - CVE-2020-6567: Insufficient validation of untrusted     input in command line handling.

  - CVE-2020-6568: Insufficient policy enforcement in intent     handling.

  - CVE-2020-6569: Integer overflow in WebUSB.

  - CVE-2020-6570: Side-channel information leakage in     WebRTC. 

  - CVE-2020-6571: Incorrect security UI in Omnibox.

This update for chromium fixes the following issues :

Chromium was updated to version 85.0.4183.83 (boo#1175757) fixing :

  - CVE-2020-6558: Insufficient policy enforcement in iOS

  - CVE-2020-6559: Use after free in presentation API

  - CVE-2020-6560: Insufficient policy enforcement in     autofill

  - CVE-2020-6561: Inappropriate implementation in Content     Security Policy

  - CVE-2020-6562: Insufficient policy enforcement in Blink

  - CVE-2020-6563: Insufficient policy enforcement in intent     handling.

  - CVE-2020-6564: Incorrect security UI in permissions

  - CVE-2020-6565: Incorrect security UI in Omnibox.

  - CVE-2020-6566: Insufficient policy enforcement in media.

  - CVE-2020-6567: Insufficient validation of untrusted     input in command line handling.

  - CVE-2020-6568: Insufficient policy enforcement in intent     handling.

  - CVE-2020-6569: Integer overflow in WebUSB.

  - CVE-2020-6570: Side-channel information leakage in     WebRTC.

  - CVE-2020-6571: Incorrect security UI in Omnibox.

The remote host is affected by the vulnerability described in GLSA-202008-11 (Chromium, Google Chrome: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Chromium and Google       Chrome. Please review the CVE identifiers referenced below for details.
  Impact :

    Please review the referenced CVE identifiers for details.
  Workaround :

    There is no known workaround at this time.

Chrome Releases reports :

This update includes 20 security fixes, including :

- [1109120] High CVE-2020-6558: Insufficient policy enforcement in iOS. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-07-24

- [1116706] High CVE-2020-6559: Use after free in presentation API.
Reported by Liu Wei and Wu Zekai of Tencent Security Xuanwu Lab on 2020-08-15

- [1108181] Medium CVE-2020-6560: Insufficient policy enforcement in autofill. Reported by Nadja Ungethuem from www.unnex.de on 2020-07-22

- [932892] Medium CVE-2020-6561: Inappropriate implementation in Content Security Policy. Reported by Rob Wu on 2019-02-16

- [1086845] Medium CVE-2020-6562: Insufficient policy enforcement in Blink. Reported by Masato Kinugawa on 2020-05-27

- [1104628] Medium CVE-2020-6563: Insufficient policy enforcement in intent handling. Reported by Pedro Oliveira on 2020-07-12

- [841622] Medium CVE-2020-6564: Incorrect security UI in permissions.
Reported by Khalil Zhani on 2018-05-10

- [1029907] Medium CVE-2020-6565: Incorrect security UI in Omnibox.
Reported by Khalil Zhani on 2019-12-02

- [1065264] Medium CVE-2020-6566: Insufficient policy enforcement in media. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-03-27

- [937179] Low CVE-2020-6567: Insufficient validation of untrusted input in command line handling. Reported by Joshua Graham of TSS on 2019-03-01

- [1092451] Low CVE-2020-6568: Insufficient policy enforcement in intent handling. Reported by Yongke Wang(@Rudykewang) and Aryb1n(@aryb1n) of Tencent Security Xuanwu Lab on 2020-06-08

- [995732] Low CVE-2020-6569: Integer overflow in WebUSB. Reported by guaixiaomei on 2019-08-20

- [1084699] Low CVE-2020-6570: Side-channel information leakage in WebRTC. Reported by Signal/Tenable on 2020-05-19

- [1085315] Low CVE-2020-6571: Incorrect security UI in Omnibox.
Reported by Rayyan Bijoora on 2020-05-21

The version of Google Chrome installed on the remote Windows host is prior to 85.0.4183.83. It is, therefore, affected by multiple vulnerabilities as referenced in the 2020_08_stable-channel-update-for-desktop_25 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Google Chrome installed on the remote macOS host is prior to 85.0.4183.83. It is, therefore, affected by multiple vulnerabilities as referenced in the 2020_08_stable-channel-update-for-desktop_25 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
144672	Debian DSA-4824-1 : chromium - security update	Nessus	Debian Local Security Checks	high
140742	openSUSE Security Update : chromium (openSUSE-2020-1499)	Nessus	SuSE Local Security Checks	high
140550	Fedora 31 : chromium (2020-88bf0a76d1)	Nessus	Fedora Local Security Checks	high
140494	RHEL 6 : chromium-browser (RHSA-2020:3723)	Nessus	Red Hat Local Security Checks	high
140307	Fedora 32 : chromium (2020-a1f140614b)	Nessus	Fedora Local Security Checks	high
140171	openSUSE Security Update : chromium (openSUSE-2020-1309)	Nessus	SuSE Local Security Checks	high
140170	openSUSE Security Update : chromium (openSUSE-2020-1306)	Nessus	SuSE Local Security Checks	high
139887	GLSA-202008-11 : Chromium, Google Chrome: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
139886	FreeBSD : chromium -- multiple vulnerabilities (d73bc4e6-e7c4-11ea-a878-e09467587c17)	Nessus	FreeBSD Local Security Checks	high
139794	Google Chrome < 85.0.4183.83 Multiple Vulnerabilities	Nessus	Windows	high
139793	Google Chrome < 85.0.4183.83 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	high

CVE-2020-6563

medium

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Configuration 2

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high