Debian DSA-4330-1 : chromium-browser - security update

high Nessus Plugin ID 118719
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in the chromium web browser.

- CVE-2018-5179 Yannic Boneberger discovered an error in the ServiceWorker implementation.

- CVE-2018-17462 Ned Williamson and Niklas Baumstark discovered a way to escape the sandbox.

- CVE-2018-17463 Ned Williamson and Niklas Baumstark discovered a remote code execution issue in the v8 JavaScript library.

- CVE-2018-17464 xisigr discovered a URL spoofing issue.

- CVE-2018-17465 Lin Zuojian discovered a use-after-free issue in the v8 JavaScript library.

- CVE-2018-17466 Omair discovered a memory corruption issue in the angle library.

- CVE-2018-17467 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-17468 Jams Lee discovered an information disclosure issue.

- CVE-2018-17469 Zhen Zhou discovered a buffer overflow issue in the pdfium library.

- CVE-2018-17470 Zhe Jin discovered a memory corruption issue in the GPU backend implementation.

- CVE-2018-17471 Lnyas Zhang discovered an issue with the full screen user interface.

- CVE-2018-17473 Khalil Zhani discovered a URL spoofing issue.

- CVE-2018-17474 Zhe Jin discovered a use-after-free issue.

- CVE-2018-17475 Vladimir Metnew discovered a URL spoofing issue.

- CVE-2018-17476 Khalil Zhani discovered an issue with the full screen user interface.

- CVE-2018-17477 Aaron Muir Hamilton discovered a user interface spoofing issue in the extensions pane.

This update also fixes a buffer overflow in the embedded lcms library included with chromium.

Solution

Upgrade the chromium-browser packages.

For the stable distribution (stretch), these problems have been fixed in version 70.0.3538.67-1~deb9u1.

See Also

https://security-tracker.debian.org/tracker/CVE-2018-5179

https://security-tracker.debian.org/tracker/CVE-2018-17462

https://security-tracker.debian.org/tracker/CVE-2018-17463

https://security-tracker.debian.org/tracker/CVE-2018-17464

https://security-tracker.debian.org/tracker/CVE-2018-17465

https://security-tracker.debian.org/tracker/CVE-2018-17466

https://security-tracker.debian.org/tracker/CVE-2018-17467

https://security-tracker.debian.org/tracker/CVE-2018-17468

https://security-tracker.debian.org/tracker/CVE-2018-17469

https://security-tracker.debian.org/tracker/CVE-2018-17470

https://security-tracker.debian.org/tracker/CVE-2018-17471

https://security-tracker.debian.org/tracker/CVE-2018-17473

https://security-tracker.debian.org/tracker/CVE-2018-17474

https://security-tracker.debian.org/tracker/CVE-2018-17475

https://security-tracker.debian.org/tracker/CVE-2018-17476

https://security-tracker.debian.org/tracker/CVE-2018-17477

http://www.nessus.org/u?e33901a2

https://packages.debian.org/source/stretch/chromium-browser

https://www.debian.org/security/2018/dsa-4330

Plugin Details

Severity: High

ID: 118719

File Name: debian_DSA-4330.nasl

Version: 1.7

Type: local

Agent: unix

Published: 11/5/2018

Updated: 4/29/2021

Dependencies: ssh_get_info.nasl

Risk Information

CVSS Score Source: CVE-2018-17474

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.6

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: E:F/RL:OF/RC:C

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: E:F/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:chromium-browser, cpe:/o:debian:debian_linux:9.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/2/2018

Vulnerability Publication Date: 11/14/2018

Exploitable With

Metasploit (Google Chrome 67, 68 and 69 Object.create exploit)

Reference Information

CVE: CVE-2018-17462, CVE-2018-17463, CVE-2018-17464, CVE-2018-17465, CVE-2018-17466, CVE-2018-17467, CVE-2018-17468, CVE-2018-17469, CVE-2018-17470, CVE-2018-17471, CVE-2018-17473, CVE-2018-17474, CVE-2018-17475, CVE-2018-17476, CVE-2018-17477, CVE-2018-5179

DSA: 4330