Debian DSA-4289-1 : chromium-browser - security update

high Nessus Plugin ID 117370
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in the chromium web browser.

- CVE-2018-16065 Brendon Tiszka discovered an out-of-bounds write issue in the v8 JavaScript library.

- CVE-2018-16066 cloudfuzzer discovered an out-of-bounds read issue in blink/webkit.

- CVE-2018-16067 Zhe Jin discovered an out-of-bounds read issue in the WebAudio implementation.

- CVE-2018-16068 Mark Brand discovered an out-of-bounds write issue in the Mojo message passing library.

- CVE-2018-16069 Mark Brand discovered an out-of-bounds read issue in the swiftshader library.

- CVE-2018-16070 Ivan Fratric discovered an integer overflow issue in the skia library.

- CVE-2018-16071 Natalie Silvanovich discovered a use-after-free issue in the WebRTC implementation.

- CVE-2018-16073 Jun Kokatsu discovered an error in the Site Isolation feature when restoring browser tabs.

- CVE-2018-16074 Jun Kokatsu discovered an error in the Site Isolation feature when using a Blob URL.

- CVE-2018-16075 Pepe Vila discovered an error that could allow remote sites to access local files.

- CVE-2018-16076 Aseksandar Nikolic discovered an out-of-bounds read issue in the pdfium library.

- CVE-2018-16077 Manuel Caballero discovered a way to bypass the Content Security Policy.

- CVE-2018-16078 Cailan Sacks discovered that the Autofill feature could leak saved credit card information.

- CVE-2018-16079 Markus Vervier and Michele Orru discovered a URL spoofing issue.

- CVE-2018-16080 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-16081 Jann Horn discovered that local files could be accessed in the developer tools.

- CVE-2018-16082 Omair discovered a buffer overflow issue in the swiftshader library.

- CVE-2018-16083 Natalie Silvanovich discovered an out-of-bounds read issue in the WebRTC implementation.

- CVE-2018-16084 Jun Kokatsu discovered a way to bypass a user confirmation dialog.

- CVE-2018-16085 Roman Kuksin discovered a use-after-free issue.

Solution

Upgrade the chromium-browser packages.

For the stable distribution (stretch), these problems have been fixed in version 69.0.3497.81-1~deb9u1.

See Also

https://security-tracker.debian.org/tracker/CVE-2018-16065

https://security-tracker.debian.org/tracker/CVE-2018-16066

https://security-tracker.debian.org/tracker/CVE-2018-16067

https://security-tracker.debian.org/tracker/CVE-2018-16068

https://security-tracker.debian.org/tracker/CVE-2018-16069

https://security-tracker.debian.org/tracker/CVE-2018-16070

https://security-tracker.debian.org/tracker/CVE-2018-16071

https://security-tracker.debian.org/tracker/CVE-2018-16073

https://security-tracker.debian.org/tracker/CVE-2018-16074

https://security-tracker.debian.org/tracker/CVE-2018-16075

https://security-tracker.debian.org/tracker/CVE-2018-16076

https://security-tracker.debian.org/tracker/CVE-2018-16077

https://security-tracker.debian.org/tracker/CVE-2018-16078

https://security-tracker.debian.org/tracker/CVE-2018-16079

https://security-tracker.debian.org/tracker/CVE-2018-16080

https://security-tracker.debian.org/tracker/CVE-2018-16081

https://security-tracker.debian.org/tracker/CVE-2018-16082

https://security-tracker.debian.org/tracker/CVE-2018-16083

https://security-tracker.debian.org/tracker/CVE-2018-16084

https://security-tracker.debian.org/tracker/CVE-2018-16085

http://www.nessus.org/u?e33901a2

https://packages.debian.org/source/stretch/chromium-browser

https://www.debian.org/security/2018/dsa-4289

Plugin Details

Severity: High

ID: 117370

File Name: debian_DSA-4289.nasl

Version: 1.5

Type: local

Agent: unix

Published: 9/10/2018

Updated: 1/17/2019

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:chromium-browser, cpe:/o:debian:debian_linux:9.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 9/7/2018

Reference Information

CVE: CVE-2018-16065, CVE-2018-16066, CVE-2018-16067

DSA: 4289