Debian DSA-4256-1 : chromium-browser - security update

critical Nessus Plugin ID 111360
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in the chromium web browser.

- CVE-2018-4117 AhsanEjaz discovered an information leak.

- CVE-2018-6044 Rob Wu discovered a way to escalate privileges using extensions.

- CVE-2018-6150 Rob Wu discovered an information disclosure issue (this problem was fixed in a previous release but was mistakenly omitted from upstream's announcement at the time).

- CVE-2018-6151 Rob Wu discovered an issue in the developer tools (this problem was fixed in a previous release but was mistakenly omitted from upstream's announcement at the time).

- CVE-2018-6152 Rob Wu discovered an issue in the developer tools (this problem was fixed in a previous release but was mistakenly omitted from upstream's announcement at the time).

- CVE-2018-6153 Zhen Zhou discovered a buffer overflow issue in the skia library.

- CVE-2018-6154 Omair discovered a buffer overflow issue in the WebGL implementation.

- CVE-2018-6155 Natalie Silvanovich discovered a use-after-free issue in the WebRTC implementation.

- CVE-2018-6156 Natalie Silvanovich discovered a buffer overflow issue in the WebRTC implementation.

- CVE-2018-6157 Natalie Silvanovich discovered a type confusion issue in the WebRTC implementation.

- CVE-2018-6158 Zhe Jin discovered a use-after-free issue.

- CVE-2018-6159 Jun Kokatsu discovered a way to bypass the same origin policy.

- CVE-2018-6161 Jun Kokatsu discovered a way to bypass the same origin policy.

- CVE-2018-6162 Omair discovered a buffer overflow issue in the WebGL implementation.

- CVE-2018-6163 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-6164 Jun Kokatsu discovered a way to bypass the same origin policy.

- CVE-2018-6165 evil1m0 discovered a URL spoofing issue.

- CVE-2018-6166 Lynas Zhang discovered a URL spoofing issue.

- CVE-2018-6167 Lynas Zhang discovered a URL spoofing issue.

- CVE-2018-6168 Gunes Acar and Danny Y. Huang discovered a way to bypass the Cross Origin Resource Sharing policy.

- CVE-2018-6169 Sam P discovered a way to bypass permissions when installing extensions.

- CVE-2018-6170 A type confusion issue was discovered in the pdfium library.

- CVE-2018-6171 A use-after-free issue was discovered in the WebBluetooth implementation.

- CVE-2018-6172 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-6173 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-6174 Mark Brand discovered an integer overflow issue in the swiftshader library.

- CVE-2018-6175 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-6176 Jann Horn discovered a way to escalate privileges using extensions.

- CVE-2018-6177 Ron Masas discovered an information leak.

- CVE-2018-6178 Khalil Zhani discovered a user interface spoofing issue.

- CVE-2018-6179 It was discovered that information about files local to the system could be leaked to extensions.

This version also fixes a regression introduced in the previous security update that could prevent decoding of particular audio/video codecs.

Solution

Upgrade the chromium-browser packages.

For the stable distribution (stretch), these problems have been fixed in version 68.0.3440.75-1~deb9u1.

See Also

https://security-tracker.debian.org/tracker/CVE-2018-4117

https://security-tracker.debian.org/tracker/CVE-2018-6044

https://security-tracker.debian.org/tracker/CVE-2018-6150

https://security-tracker.debian.org/tracker/CVE-2018-6151

https://security-tracker.debian.org/tracker/CVE-2018-6152

https://security-tracker.debian.org/tracker/CVE-2018-6153

https://security-tracker.debian.org/tracker/CVE-2018-6154

https://security-tracker.debian.org/tracker/CVE-2018-6155

https://security-tracker.debian.org/tracker/CVE-2018-6156

https://security-tracker.debian.org/tracker/CVE-2018-6157

https://security-tracker.debian.org/tracker/CVE-2018-6158

https://security-tracker.debian.org/tracker/CVE-2018-6159

https://security-tracker.debian.org/tracker/CVE-2018-6161

https://security-tracker.debian.org/tracker/CVE-2018-6162

https://security-tracker.debian.org/tracker/CVE-2018-6163

https://security-tracker.debian.org/tracker/CVE-2018-6164

https://security-tracker.debian.org/tracker/CVE-2018-6165

https://security-tracker.debian.org/tracker/CVE-2018-6166

https://security-tracker.debian.org/tracker/CVE-2018-6167

https://security-tracker.debian.org/tracker/CVE-2018-6168

https://security-tracker.debian.org/tracker/CVE-2018-6169

https://security-tracker.debian.org/tracker/CVE-2018-6170

https://security-tracker.debian.org/tracker/CVE-2018-6171

https://security-tracker.debian.org/tracker/CVE-2018-6172

https://security-tracker.debian.org/tracker/CVE-2018-6173

https://security-tracker.debian.org/tracker/CVE-2018-6174

https://security-tracker.debian.org/tracker/CVE-2018-6175

https://security-tracker.debian.org/tracker/CVE-2018-6176

https://security-tracker.debian.org/tracker/CVE-2018-6177

https://security-tracker.debian.org/tracker/CVE-2018-6178

https://security-tracker.debian.org/tracker/CVE-2018-6179

http://www.nessus.org/u?e33901a2

https://packages.debian.org/source/stretch/chromium-browser

https://www.debian.org/security/2018/dsa-4256

Plugin Details

Severity: Critical

ID: 111360

File Name: debian_DSA-4256.nasl

Version: 1.8

Type: local

Agent: unix

Published: 7/27/2018

Updated: 7/15/2019

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Critical

Base Score: 9.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:chromium-browser, cpe:/o:debian:debian_linux:9.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 7/26/2018

Vulnerability Publication Date: 4/3/2018

Reference Information

CVE: CVE-2018-4117, CVE-2018-6044, CVE-2018-6150, CVE-2018-6151, CVE-2018-6152, CVE-2018-6153, CVE-2018-6154, CVE-2018-6155, CVE-2018-6156, CVE-2018-6157, CVE-2018-6158, CVE-2018-6159, CVE-2018-6161, CVE-2018-6162, CVE-2018-6163, CVE-2018-6164, CVE-2018-6165, CVE-2018-6166, CVE-2018-6167, CVE-2018-6168, CVE-2018-6169, CVE-2018-6170, CVE-2018-6171, CVE-2018-6172, CVE-2018-6173, CVE-2018-6174, CVE-2018-6175, CVE-2018-6176, CVE-2018-6177, CVE-2018-6178, CVE-2018-6179

DSA: 4256