Debian DSA-4237-1 : chromium-browser - security update

high Nessus Plugin ID 110820
New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it is different from CVSS.

VPR Score: 7.4

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in the chromium web browser.

- CVE-2018-6118 Ned Williamson discovered a use-after-free issue.

- CVE-2018-6120 Zhou Aiting discovered a buffer overflow issue in the pdfium library.

- CVE-2018-6121 It was discovered that malicious extensions could escalate privileges.

- CVE-2018-6122 A type confusion issue was discovered in the v8 JavaScript library.

- CVE-2018-6123 Looben Yang discovered a use-after-free issue.

- CVE-2018-6124 Guang Gong discovered a type confusion issue.

- CVE-2018-6125 Yubico discovered that the WebUSB implementation was too permissive.

- CVE-2018-6126 Ivan Fratric discovered a buffer overflow issue in the skia library.

- CVE-2018-6127 Looben Yang discovered a use-after-free issue.

- CVE-2018-6129 Natalie Silvanovich discovered an out-of-bounds read issue in WebRTC.

- CVE-2018-6130 Natalie Silvanovich discovered an out-of-bounds read issue in WebRTC.

- CVE-2018-6131 Natalie Silvanovich discovered an error in WebAssembly.

- CVE-2018-6132 Ronald E. Crane discovered an uninitialized memory issue.

- CVE-2018-6133 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-6134 Jun Kokatsu discovered a way to bypass the Referrer Policy.

- CVE-2018-6135 Jasper Rebane discovered a user interface spoofing issue.

- CVE-2018-6136 Peter Wong discovered an out-of-bounds read issue in the v8 JavaScript library.

- CVE-2018-6137 Michael Smith discovered an information leak.

- CVE-2018-6138 Francois Lajeunesse-Robert discovered that the extensions policy was too permissive.

- CVE-2018-6139 Rob Wu discovered a way to bypass restrictions in the debugger extension.

- CVE-2018-6140 Rob Wu discovered a way to bypass restrictions in the debugger extension.

- CVE-2018-6141 Yangkang discovered a buffer overflow issue in the skia library.

- CVE-2018-6142 Choongwoo Han discovered an out-of-bounds read in the v8 JavaScript library.

- CVE-2018-6143 Guang Gong discovered an out-of-bounds read in the v8 JavaScript library.

- CVE-2018-6144 pdknsk discovered an out-of-bounds read in the pdfium library.

- CVE-2018-6145 Masato Kinugawa discovered an error in the MathML implementation.

- CVE-2018-6147 Michail Pishchagin discovered an error in password entry fields.

- CVE-2018-6148 Michal Bentkowski discovered that the Content Security Policy header was handled incorrectly.

- CVE-2018-6149 Yu Zhou and Jundong Xie discovered an out-of-bounds write issue in the v8 JavaScript library.

Solution

Upgrade the chromium-browser packages.

For the stable distribution (stretch), these problems have been fixed in version 67.0.3396.87-1~deb9u1.

See Also

https://security-tracker.debian.org/tracker/CVE-2018-6118

https://security-tracker.debian.org/tracker/CVE-2018-6120

https://security-tracker.debian.org/tracker/CVE-2018-6121

https://security-tracker.debian.org/tracker/CVE-2018-6122

https://security-tracker.debian.org/tracker/CVE-2018-6123

https://security-tracker.debian.org/tracker/CVE-2018-6124

https://security-tracker.debian.org/tracker/CVE-2018-6125

https://security-tracker.debian.org/tracker/CVE-2018-6126

https://security-tracker.debian.org/tracker/CVE-2018-6127

https://security-tracker.debian.org/tracker/CVE-2018-6129

https://security-tracker.debian.org/tracker/CVE-2018-6130

https://security-tracker.debian.org/tracker/CVE-2018-6131

https://security-tracker.debian.org/tracker/CVE-2018-6132

https://security-tracker.debian.org/tracker/CVE-2018-6133

https://security-tracker.debian.org/tracker/CVE-2018-6134

https://security-tracker.debian.org/tracker/CVE-2018-6135

https://security-tracker.debian.org/tracker/CVE-2018-6136

https://security-tracker.debian.org/tracker/CVE-2018-6137

https://security-tracker.debian.org/tracker/CVE-2018-6138

https://security-tracker.debian.org/tracker/CVE-2018-6139

https://security-tracker.debian.org/tracker/CVE-2018-6140

https://security-tracker.debian.org/tracker/CVE-2018-6141

https://security-tracker.debian.org/tracker/CVE-2018-6142

https://security-tracker.debian.org/tracker/CVE-2018-6143

https://security-tracker.debian.org/tracker/CVE-2018-6144

https://security-tracker.debian.org/tracker/CVE-2018-6145

https://security-tracker.debian.org/tracker/CVE-2018-6147

https://security-tracker.debian.org/tracker/CVE-2018-6148

https://security-tracker.debian.org/tracker/CVE-2018-6149

http://www.nessus.org/u?e33901a2

https://packages.debian.org/source/stretch/chromium-browser

https://www.debian.org/security/2018/dsa-4237

Plugin Details

Severity: High

ID: 110820

File Name: debian_DSA-4237.nasl

Version: 1.8

Type: local

Agent: unix

Published: 7/2/2018

Updated: 7/15/2019

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 7.4

CVSS v2.0

Base Score: 9.3

Temporal Score: 7.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: E:POC/RL:OF/RC:C

CVSS v3.0

Base Score: 9.6

Temporal Score: 8.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Temporal Vector: E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:chromium-browser, cpe:/o:debian:debian_linux:9.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/30/2018

Vulnerability Publication Date: 1/9/2019

Reference Information

CVE: CVE-2018-6118, CVE-2018-6120, CVE-2018-6121, CVE-2018-6122, CVE-2018-6123, CVE-2018-6124, CVE-2018-6125, CVE-2018-6126, CVE-2018-6127, CVE-2018-6129, CVE-2018-6130, CVE-2018-6131, CVE-2018-6132, CVE-2018-6133, CVE-2018-6134, CVE-2018-6135, CVE-2018-6136, CVE-2018-6137, CVE-2018-6138, CVE-2018-6139, CVE-2018-6140, CVE-2018-6141, CVE-2018-6142, CVE-2018-6143, CVE-2018-6144, CVE-2018-6145, CVE-2018-6147, CVE-2018-6148, CVE-2018-6149