Debian DSA-4182-1 : chromium-browser - security update

high Nessus Plugin ID 109411

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in the chromium web browser.

- CVE-2018-6056 lokihardt discovered an error in the v8 JavaScript library.

- CVE-2018-6057 Gal Beniamini discovered errors related to shared memory permissions.

- CVE-2018-6060 Omair discovered a use-after-free issue in blink/webkit.

- CVE-2018-6061 Guang Gong discovered a race condition in the v8 JavaScript library.

- CVE-2018-6062 A heap overflow issue was discovered in the v8 JavaScript library.

- CVE-2018-6063 Gal Beniamini discovered errors related to shared memory permissions.

- CVE-2018-6064 lokihardt discovered a type confusion error in the v8 JavaScript library.

- CVE-2018-6065 Mark Brand discovered an integer overflow issue in the v8 JavaScript library.

- CVE-2018-6066 Masato Kinugawa discovered a way to bypass the Same Origin Policy.

- CVE-2018-6067 Ned Williamson discovered a buffer overflow issue in the skia library.

- CVE-2018-6068 Luan Herrera discovered object lifecycle issues.

- CVE-2018-6069 Wanglu and Yangkang discovered a stack overflow issue in the skia library.

- CVE-2018-6070 Rob Wu discovered a way to bypass the Content Security Policy.

- CVE-2018-6071 A heap overflow issue was discovered in the skia library.

- CVE-2018-6072 Atte Kettunen discovered an integer overflow issue in the pdfium library.

- CVE-2018-6073 Omair discover a heap overflow issue in the WebGL implementation.

- CVE-2018-6074 Abdulrahman Alqabandi discovered a way to cause a downloaded web page to not contain a Mark of the Web.

- CVE-2018-6075 Inti De Ceukelaire discovered a way to bypass the Same Origin Policy.

- CVE-2018-6076 Mateusz Krzeszowiec discovered that URL fragment identifiers could be handled incorrectly.

- CVE-2018-6077 Khalil Zhani discovered a timing issue.

- CVE-2018-6078 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-6079 Ivars discovered an information disclosure issue.

- CVE-2018-6080 Gal Beniamini discovered an information disclosure issue.

- CVE-2018-6081 Rob Wu discovered a cross-site scripting issue.

- CVE-2018-6082 WenXu Wu discovered a way to bypass blocked ports.

- CVE-2018-6083 Jun Kokatsu discovered that AppManifests could be handled incorrectly.

- CVE-2018-6085 Ned Williamson discovered a use-after-free issue.

- CVE-2018-6086 Ned Williamson discovered a use-after-free issue.

- CVE-2018-6087 A use-after-free issue was discovered in the WebAssembly implementation.

- CVE-2018-6088 A use-after-free issue was discovered in the pdfium library.

- CVE-2018-6089 Rob Wu discovered a way to bypass the Same Origin Policy.

- CVE-2018-6090 ZhanJia Song discovered a heap overflow issue in the skia library.

- CVE-2018-6091 Jun Kokatsu discovered that plugins could be handled incorrectly.

- CVE-2018-6092 Natalie Silvanovich discovered an integer overflow issue in the WebAssembly implementation.

- CVE-2018-6093 Jun Kokatsu discovered a way to bypass the Same Origin Policy.

- CVE-2018-6094 Chris Rohlf discovered a regression in garbage collection hardening.

- CVE-2018-6095 Abdulrahman Alqabandi discovered files could be uploaded without user interaction.

- CVE-2018-6096 WenXu Wu discovered a user interface spoofing issue.

- CVE-2018-6097 xisigr discovered a user interface spoofing issue.

- CVE-2018-6098 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-6099 Jun Kokatsu discovered a way to bypass the Cross Origin Resource Sharing mechanism.

- CVE-2018-6100 Lnyas Zhang discovered a URL spoofing issue.

- CVE-2018-6101 Rob Wu discovered an issue in the developer tools remote debugging protocol.

- CVE-2018-6102 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-6103 Khalil Zhani discovered a user interface spoofing issue.

- CVE-2018-6104 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-6105 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-6106 lokihardt discovered that v8 promises could be handled incorrectly.

- CVE-2018-6107 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-6108 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-6109 Dominik Weber discovered a way to misuse the FileAPI feature.

- CVE-2018-6110 Wenxiang Qian discovered that local plain text files could be handled incorrectly.

- CVE-2018-6111 Khalil Zhani discovered a use-after-free issue in the developer tools.

- CVE-2018-6112 Khalil Zhani discovered incorrect handling of URLs in the developer tools.

- CVE-2018-6113 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-6114 Lnyas Zhang discovered a way to bypass the Content Security Policy.

- CVE-2018-6116 Chengdu Security Response Center discovered an error when memory is low.

- CVE-2018-6117 Spencer Dailey discovered an error in form autofill settings.

Solution

Upgrade the chromium-browser packages.

For the oldstable distribution (jessie), security support for chromium has been discontinued.

For the stable distribution (stretch), these problems have been fixed in version 66.0.3359.117-1~deb9u1.

See Also

https://security-tracker.debian.org/tracker/CVE-2018-6056

https://security-tracker.debian.org/tracker/CVE-2018-6057

https://security-tracker.debian.org/tracker/CVE-2018-6060

https://security-tracker.debian.org/tracker/CVE-2018-6061

https://security-tracker.debian.org/tracker/CVE-2018-6062

https://security-tracker.debian.org/tracker/CVE-2018-6063

https://security-tracker.debian.org/tracker/CVE-2018-6064

https://security-tracker.debian.org/tracker/CVE-2018-6065

https://security-tracker.debian.org/tracker/CVE-2018-6066

https://security-tracker.debian.org/tracker/CVE-2018-6067

https://security-tracker.debian.org/tracker/CVE-2018-6068

https://security-tracker.debian.org/tracker/CVE-2018-6069

https://security-tracker.debian.org/tracker/CVE-2018-6070

https://security-tracker.debian.org/tracker/CVE-2018-6071

https://security-tracker.debian.org/tracker/CVE-2018-6072

https://security-tracker.debian.org/tracker/CVE-2018-6073

https://security-tracker.debian.org/tracker/CVE-2018-6074

https://security-tracker.debian.org/tracker/CVE-2018-6075

https://security-tracker.debian.org/tracker/CVE-2018-6076

https://security-tracker.debian.org/tracker/CVE-2018-6077

https://security-tracker.debian.org/tracker/CVE-2018-6078

https://security-tracker.debian.org/tracker/CVE-2018-6079

https://security-tracker.debian.org/tracker/CVE-2018-6080

https://security-tracker.debian.org/tracker/CVE-2018-6081

https://security-tracker.debian.org/tracker/CVE-2018-6082

https://security-tracker.debian.org/tracker/CVE-2018-6083

https://security-tracker.debian.org/tracker/CVE-2018-6085

https://security-tracker.debian.org/tracker/CVE-2018-6086

https://security-tracker.debian.org/tracker/CVE-2018-6087

https://security-tracker.debian.org/tracker/CVE-2018-6088

https://security-tracker.debian.org/tracker/CVE-2018-6089

https://security-tracker.debian.org/tracker/CVE-2018-6090

https://security-tracker.debian.org/tracker/CVE-2018-6091

https://security-tracker.debian.org/tracker/CVE-2018-6092

https://security-tracker.debian.org/tracker/CVE-2018-6093

https://security-tracker.debian.org/tracker/CVE-2018-6094

https://security-tracker.debian.org/tracker/CVE-2018-6095

https://security-tracker.debian.org/tracker/CVE-2018-6096

https://security-tracker.debian.org/tracker/CVE-2018-6097

https://security-tracker.debian.org/tracker/CVE-2018-6098

https://security-tracker.debian.org/tracker/CVE-2018-6099

https://security-tracker.debian.org/tracker/CVE-2018-6100

https://security-tracker.debian.org/tracker/CVE-2018-6101

https://security-tracker.debian.org/tracker/CVE-2018-6102

https://security-tracker.debian.org/tracker/CVE-2018-6103

https://security-tracker.debian.org/tracker/CVE-2018-6104

https://security-tracker.debian.org/tracker/CVE-2018-6105

https://security-tracker.debian.org/tracker/CVE-2018-6106

https://security-tracker.debian.org/tracker/CVE-2018-6107

https://security-tracker.debian.org/tracker/CVE-2018-6108

https://security-tracker.debian.org/tracker/CVE-2018-6109

https://security-tracker.debian.org/tracker/CVE-2018-6110

https://security-tracker.debian.org/tracker/CVE-2018-6111

https://security-tracker.debian.org/tracker/CVE-2018-6112

https://security-tracker.debian.org/tracker/CVE-2018-6113

https://security-tracker.debian.org/tracker/CVE-2018-6114

https://security-tracker.debian.org/tracker/CVE-2018-6116

https://security-tracker.debian.org/tracker/CVE-2018-6117

http://www.nessus.org/u?e33901a2

https://packages.debian.org/source/stretch/chromium-browser

https://www.debian.org/security/2018/dsa-4182

Plugin Details

Severity: High

ID: 109411

File Name: debian_DSA-4182.nasl

Version: 1.12

Type: local

Agent: unix

Published: 4/30/2018

Updated: 7/5/2022

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Nessus Agent

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.9

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: E:H/RL:OF/RC:C

CVSS Score Source: CVE-2018-6111

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: E:H/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:chromium-browser, cpe:/o:debian:debian_linux:9.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/28/2018

Vulnerability Publication Date: 11/14/2018

CISA Known Exploited Dates: 6/22/2022

Reference Information

CVE: CVE-2018-6056, CVE-2018-6057, CVE-2018-6060, CVE-2018-6061, CVE-2018-6062, CVE-2018-6063, CVE-2018-6064, CVE-2018-6065, CVE-2018-6066, CVE-2018-6067, CVE-2018-6068, CVE-2018-6069, CVE-2018-6070, CVE-2018-6071, CVE-2018-6072, CVE-2018-6073, CVE-2018-6074, CVE-2018-6075, CVE-2018-6076, CVE-2018-6077, CVE-2018-6078, CVE-2018-6079, CVE-2018-6080, CVE-2018-6081, CVE-2018-6082, CVE-2018-6083, CVE-2018-6085, CVE-2018-6086, CVE-2018-6087, CVE-2018-6088, CVE-2018-6089, CVE-2018-6090, CVE-2018-6091, CVE-2018-6092, CVE-2018-6093, CVE-2018-6094, CVE-2018-6095, CVE-2018-6096, CVE-2018-6097, CVE-2018-6098, CVE-2018-6099, CVE-2018-6100, CVE-2018-6101, CVE-2018-6102, CVE-2018-6103, CVE-2018-6104, CVE-2018-6105, CVE-2018-6106, CVE-2018-6107, CVE-2018-6108, CVE-2018-6109, CVE-2018-6110, CVE-2018-6111, CVE-2018-6112, CVE-2018-6113, CVE-2018-6114, CVE-2018-6116, CVE-2018-6117

DSA: 4182