Debian DSA-4500-1 : chromium - security update

Medium Nessus Plugin ID 127868

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 6.7

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in the chromium web browser.

- CVE-2019-5805 A use-after-free issue was discovered in the pdfium library.

- CVE-2019-5806 Wen Xu discovered an integer overflow issue in the Angle library.

- CVE-2019-5807 TimGMichaud discovered a memory corruption issue in the v8 JavaScript library.

- CVE-2019-5808 cloudfuzzer discovered a use-after-free issue in Blink/Webkit.

- CVE-2019-5809 Mark Brand discovered a use-after-free issue in Blink/Webkit.

- CVE-2019-5810 Mark Amery discovered an information disclosure issue.

- CVE-2019-5811 Jun Kokatsu discovered a way to bypass the Cross-Origin Resource Sharing feature.

- CVE-2019-5813 Aleksandar Nikolic discovered an out-of-bounds read issue in the v8 JavaScript library.

- CVE-2019-5814 @AaylaSecura1138 discovered a way to bypass the Cross-Origin Resource Sharing feature.

- CVE-2019-5815 Nicolas Gregoire discovered a buffer overflow issue in Blink/Webkit.

- CVE-2019-5818 Adrian Tolbaru discovered an uninitialized value issue.

- CVE-2019-5819 Svyat Mitin discovered an error in the developer tools.

- CVE-2019-5820 pdknsk discovered an integer overflow issue in the pdfium library.

- CVE-2019-5821 pdknsk discovered another integer overflow issue in the pdfium library.

- CVE-2019-5822 Jun Kokatsu discovered a way to bypass the Cross-Origin Resource Sharing feature.

- CVE-2019-5823 David Erceg discovered a navigation error.

- CVE-2019-5824 leecraso and Guang Gong discovered an error in the media player.

- CVE-2019-5825 Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu discovered an out-of-bounds write issue in the v8 JavaScript library.

- CVE-2019-5826 Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu discovered a use-after-free issue.

- CVE-2019-5827 mlfbrown discovered an out-of-bounds read issue in the sqlite library.

- CVE-2019-5828 leecraso and Guang Gong discovered a use-after-free issue.

- CVE-2019-5829 Lucas Pinheiro discovered a use-after-free issue.

- CVE-2019-5830 Andrew Krashichkov discovered a credential error in the Cross-Origin Resource Sharing feature.

- CVE-2019-5831 yngwei discovered a map error in the v8 JavaScript library.

- CVE-2019-5832 Sergey Shekyan discovered an error in the Cross-Origin Resource Sharing feature.

- CVE-2019-5833 Khalil Zhani discovered a user interface error.

- CVE-2019-5834 Khalil Zhani discovered a URL spoofing issue.

- CVE-2019-5836 Omair discovered a buffer overflow issue in the Angle library.

- CVE-2019-5837 Adam Iawniuk discovered an information disclosure issue.

- CVE-2019-5838 David Erceg discovered an error in extension permissions.

- CVE-2019-5839 Masato Kinugawa discovered implementation errors in Blink/Webkit.

- CVE-2019-5840 Eliya Stein and Jerome Dangu discovered a way to bypass the popup blocker.

- CVE-2019-5842 BUGFENSE discovered a use-after-free issue in Blink/Webkit.

- CVE-2019-5847 m3plex discovered an error in the v8 JavaScript library.

- CVE-2019-5848 Mark Amery discovered an information disclosure issue.

- CVE-2019-5849 Zhen Zhou discovered an out-of-bounds read in the Skia library.

- CVE-2019-5850 Brendon Tiszka discovered a use-after-free issue in the offline page fetcher.

- CVE-2019-5851 Zhe Jin discovered a use-after-poison issue.

- CVE-2019-5852 David Erceg discovered an information disclosure issue.

- CVE-2019-5853 Yngwei and sakura discovered a memory corruption issue.

- CVE-2019-5854 Zhen Zhou discovered an integer overflow issue in the pdfium library.

- CVE-2019-5855 Zhen Zhou discovered an integer overflow issue in the pdfium library.

- CVE-2019-5856 Yongke Wang discovered an error related to filesystem:
URI permissions.

- CVE-2019-5857 cloudfuzzer discovered a way to crash chromium.

- CVE-2019-5858 evil1m0 discovered an information disclosure issue.

- CVE-2019-5859 James Lee discovered a way to launch alternative browsers.

- CVE-2019-5860 A use-after-free issue was discovered in the v8 JavaScript library.

- CVE-2019-5861 Robin Linus discovered an error determining click location.

- CVE-2019-5862 Jun Kokatsu discovered an error in the AppCache implementation.

- CVE-2019-5864 Devin Grindle discovered an error in the Cross-Origin Resourse Sharing feature for extensions.

- CVE-2019-5865 Ivan Fratric discovered a way to bypass the site isolation feature.

- CVE-2019-5867 Lucas Pinheiro discovered an out-of-bounds read issue in the v8 JavaScript library.

- CVE-2019-5868 banananapenguin discovered a use-after-free issue in the v8 JavaScript library.

Solution

Upgrade the chromium packages.

For the stable distribution (buster), these problems have been fixed in version 76.0.3809.100-1~deb10u1.

See Also

https://security-tracker.debian.org/tracker/CVE-2019-5805

https://security-tracker.debian.org/tracker/CVE-2019-5806

https://security-tracker.debian.org/tracker/CVE-2019-5807

https://security-tracker.debian.org/tracker/CVE-2019-5808

https://security-tracker.debian.org/tracker/CVE-2019-5809

https://security-tracker.debian.org/tracker/CVE-2019-5810

https://security-tracker.debian.org/tracker/CVE-2019-5811

https://security-tracker.debian.org/tracker/CVE-2019-5813

https://security-tracker.debian.org/tracker/CVE-2019-5814

https://security-tracker.debian.org/tracker/CVE-2019-5815

https://security-tracker.debian.org/tracker/CVE-2019-5818

https://security-tracker.debian.org/tracker/CVE-2019-5819

https://security-tracker.debian.org/tracker/CVE-2019-5820

https://security-tracker.debian.org/tracker/CVE-2019-5821

https://security-tracker.debian.org/tracker/CVE-2019-5822

https://security-tracker.debian.org/tracker/CVE-2019-5823

https://security-tracker.debian.org/tracker/CVE-2019-5824

https://security-tracker.debian.org/tracker/CVE-2019-5825

https://security-tracker.debian.org/tracker/CVE-2019-5826

https://security-tracker.debian.org/tracker/CVE-2019-5827

https://security-tracker.debian.org/tracker/CVE-2019-5828

https://security-tracker.debian.org/tracker/CVE-2019-5829

https://security-tracker.debian.org/tracker/CVE-2019-5830

https://security-tracker.debian.org/tracker/CVE-2019-5831

https://security-tracker.debian.org/tracker/CVE-2019-5832

https://security-tracker.debian.org/tracker/CVE-2019-5833

https://security-tracker.debian.org/tracker/CVE-2019-5834

https://security-tracker.debian.org/tracker/CVE-2019-5836

https://security-tracker.debian.org/tracker/CVE-2019-5837

https://security-tracker.debian.org/tracker/CVE-2019-5838

https://security-tracker.debian.org/tracker/CVE-2019-5839

https://security-tracker.debian.org/tracker/CVE-2019-5840

https://security-tracker.debian.org/tracker/CVE-2019-5842

https://security-tracker.debian.org/tracker/CVE-2019-5847

https://security-tracker.debian.org/tracker/CVE-2019-5848

https://security-tracker.debian.org/tracker/CVE-2019-5849

https://security-tracker.debian.org/tracker/CVE-2019-5850

https://security-tracker.debian.org/tracker/CVE-2019-5851

https://security-tracker.debian.org/tracker/CVE-2019-5852

https://security-tracker.debian.org/tracker/CVE-2019-5853

https://security-tracker.debian.org/tracker/CVE-2019-5854

https://security-tracker.debian.org/tracker/CVE-2019-5855

https://security-tracker.debian.org/tracker/CVE-2019-5856

https://security-tracker.debian.org/tracker/CVE-2019-5857

https://security-tracker.debian.org/tracker/CVE-2019-5858

https://security-tracker.debian.org/tracker/CVE-2019-5859

https://security-tracker.debian.org/tracker/CVE-2019-5860

https://security-tracker.debian.org/tracker/CVE-2019-5861

https://security-tracker.debian.org/tracker/CVE-2019-5862

https://security-tracker.debian.org/tracker/CVE-2019-5864

https://security-tracker.debian.org/tracker/CVE-2019-5865

https://security-tracker.debian.org/tracker/CVE-2019-5867

https://security-tracker.debian.org/tracker/CVE-2019-5868

https://security-tracker.debian.org/tracker/source-package/chromium

https://packages.debian.org/source/buster/chromium

https://www.debian.org/security/2019/dsa-4500

Plugin Details

Severity: Medium

ID: 127868

File Name: debian_DSA-4500.nasl

Version: 1.6

Type: local

Agent: unix

Published: 2019/08/14

Updated: 2020/03/09

Dependencies: 12634

Risk Information

Risk Factor: Medium

VPR Score: 6.7

CVSS Score Source: CVE-2019-5859

CVSS v2.0

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSS v3.0

Base Score: 8.8

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:chromium, cpe:/o:debian:debian_linux:10.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2019/08/12

Vulnerability Publication Date: 2019/06/27

Exploitable With

Metasploit (Google Chrome 72 and 73 Array.map exploit)

Reference Information

CVE: CVE-2019-5805, CVE-2019-5806, CVE-2019-5807, CVE-2019-5808, CVE-2019-5809, CVE-2019-5810, CVE-2019-5811, CVE-2019-5813, CVE-2019-5814, CVE-2019-5815, CVE-2019-5818, CVE-2019-5819, CVE-2019-5820, CVE-2019-5821, CVE-2019-5822, CVE-2019-5823, CVE-2019-5824, CVE-2019-5825, CVE-2019-5826, CVE-2019-5827, CVE-2019-5828, CVE-2019-5829, CVE-2019-5830, CVE-2019-5831, CVE-2019-5832, CVE-2019-5833, CVE-2019-5834, CVE-2019-5836, CVE-2019-5837, CVE-2019-5838, CVE-2019-5839, CVE-2019-5840, CVE-2019-5842, CVE-2019-5847, CVE-2019-5848, CVE-2019-5849, CVE-2019-5850, CVE-2019-5851, CVE-2019-5852, CVE-2019-5853, CVE-2019-5854, CVE-2019-5855, CVE-2019-5856, CVE-2019-5857, CVE-2019-5858, CVE-2019-5859, CVE-2019-5860, CVE-2019-5861, CVE-2019-5862, CVE-2019-5864, CVE-2019-5865, CVE-2019-5867, CVE-2019-5868

DSA: 4500