Debian DSA-4714-1 : chromium - security update

critical Nessus Plugin ID 138066
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in the chromium web browser.

- CVE-2020-6423 A use-after-free issue was found in the audio implementation.

- CVE-2020-6430 Avihay Cohen discovered a type confusion issue in the v8 JavaScript library.

- CVE-2020-6431 Luan Herrera discovered a policy enforcement error.

- CVE-2020-6432 Luan Herrera discovered a policy enforcement error.

- CVE-2020-6433 Luan Herrera discovered a policy enforcement error in extensions.

- CVE-2020-6434 HyungSeok Han discovered a use-after-free issue in the developer tools.

- CVE-2020-6435 Sergei Glazunov discovered a policy enforcement error in extensions.

- CVE-2020-6436 Igor Bukanov discovered a use-after-free issue.

- CVE-2020-6437 Jann Horn discovered an implementation error in WebView.

- CVE-2020-6438 Ng Yik Phang discovered a policy enforcement error in extensions.

- CVE-2020-6439 remkoboonstra discovered a policy enforcement error.

- CVE-2020-6440 David Erceg discovered an implementation error in extensions.

- CVE-2020-6441 David Erceg discovered a policy enforcement error.

- CVE-2020-6442 [email protected] discovered an implementation error in the page cache.

- CVE-2020-6443 @lovasoa discovered an implementation error in the developer tools.

- CVE-2020-6444 mlfbrown discovered an uninitialized variable in the WebRTC implementation.

- CVE-2020-6445 Jun Kokatsu discovered a policy enforcement error.

- CVE-2020-6446 Jun Kokatsu discovered a policy enforcement error.

- CVE-2020-6447 David Erceg discovered an implementation error in the developer tools.

- CVE-2020-6448 Guang Gong discovered a use-after-free issue in the v8 JavaScript library.

- CVE-2020-6454 Leecraso and Guang Gong discovered a use-after-free issue in extensions.

- CVE-2020-6455 Nan Wang and Guang Gong discovered an out-of-bounds read issue in the WebSQL implementation.

- CVE-2020-6456 Michal Bentkowski discovered insufficient validation of untrusted input.

- CVE-2020-6457 Leecraso and Guang Gong discovered a use-after-free issue in the speech recognizer.

- CVE-2020-6458 Aleksandar Nikolic discoved an out-of-bounds read and write issue in the pdfium library.

- CVE-2020-6459 Zhe Jin discovered a use-after-free issue in the payments implementation.

- CVE-2020-6460 It was discovered that URL formatting was insufficiently validated.

- CVE-2020-6461 Zhe Jin discovered a use-after-free issue.

- CVE-2020-6462 Zhe Jin discovered a use-after-free issue in task scheduling.

- CVE-2020-6463 Pawel Wylecial discovered a use-after-free issue in the ANGLE library.

- CVE-2020-6464 Looben Yang discovered a type confusion issue in Blink/Webkit.

- CVE-2020-6465 Woojin Oh discovered a use-after-free issue.

- CVE-2020-6466 Zhe Jin discovered a use-after-free issue.

- CVE-2020-6467 ZhanJia Song discovered a use-after-free issue in the WebRTC implementation.

- CVE-2020-6468 Chris Salls and Jake Corina discovered a type confusion issue in the v8 JavaScript library.

- CVE-2020-6469 David Erceg discovered a policy enforcement error in the developer tools.

- CVE-2020-6470 Michal Bentkowski discovered insufficient validation of untrusted input.

- CVE-2020-6471 David Erceg discovered a policy enforcement error in the developer tools.

- CVE-2020-6472 David Erceg discovered a policy enforcement error in the developer tools.

- CVE-2020-6473 Soroush Karami and Panagiotis Ilia discovered a policy enforcement error in Blink/Webkit.

- CVE-2020-6474 Zhe Jin discovered a use-after-free issue in Blink/Webkit.

- CVE-2020-6475 Khalil Zhani discovered a user interface error.

- CVE-2020-6476 Alexandre Le Borgne discovered a policy enforcement error.

- CVE-2020-6478 Khalil Zhani discovered an implementation error in full screen mode.

- CVE-2020-6479 Zhong Zhaochen discovered an implementation error.

- CVE-2020-6480 Marvin Witt discovered a policy enforcement error.

- CVE-2020-6481 Rayyan Bijoora discovered a policy enforcement error.

- CVE-2020-6482 Abdulrahman Alqabandi discovered a policy enforcement error in the developer tools.

- CVE-2020-6483 Jun Kokatsu discovered a policy enforcement error in payments.

- CVE-2020-6484 Artem Zinenko discovered insufficient validation of user data in the ChromeDriver implementation.

- CVE-2020-6485 Sergei Glazunov discovered a policy enforcement error.

- CVE-2020-6486 David Erceg discovered a policy enforcement error.

- CVE-2020-6487 Jun Kokatsu discovered a policy enforcement error.

- CVE-2020-6488 David Erceg discovered a policy enforcement error.

- CVE-2020-6489 @lovasoa discovered an implementation error in the developer tools.

- CVE-2020-6490 Insufficient validation of untrusted data was discovered.

- CVE-2020-6491 Sultan Haikal discovered a user interface error.

- CVE-2020-6493 A use-after-free issue was discovered in the WebAuthentication implementation.

- CVE-2020-6494 Juho Nurimen discovered a user interface error.

- CVE-2020-6495 David Erceg discovered a policy enforcement error in the developer tools.

- CVE-2020-6496 Khalil Zhani discovered a use-after-free issue in payments.

- CVE-2020-6497 Rayyan Bijoora discovered a policy enforcement issue.

- CVE-2020-6498 Rayyan Bijoora discovered a user interface error.

- CVE-2020-6505 Khalil Zhani discovered a use-after-free issue.

- CVE-2020-6506 Alesandro Ortiz discovered a policy enforcement error.

- CVE-2020-6507 Sergei Glazunov discovered an out-of-bounds write issue in the v8 JavaScript library.

- CVE-2020-6509 A use-after-free issue was discovered in extensions.

- CVE-2020-6831 Natalie Silvanovich discovered a buffer overflow issue in the SCTP library.

Solution

Upgrade the chromium packages.

For the oldstable distribution (stretch), security support for chromium has been discontinued.

For the stable distribution (buster), these problems have been fixed in version 83.0.4103.116-1~deb10u1.

See Also

https://security-tracker.debian.org/tracker/CVE-2020-6423

https://security-tracker.debian.org/tracker/CVE-2020-6430

https://security-tracker.debian.org/tracker/CVE-2020-6431

https://security-tracker.debian.org/tracker/CVE-2020-6432

https://security-tracker.debian.org/tracker/CVE-2020-6433

https://security-tracker.debian.org/tracker/CVE-2020-6434

https://security-tracker.debian.org/tracker/CVE-2020-6435

https://security-tracker.debian.org/tracker/CVE-2020-6436

https://security-tracker.debian.org/tracker/CVE-2020-6437

https://security-tracker.debian.org/tracker/CVE-2020-6438

https://security-tracker.debian.org/tracker/CVE-2020-6439

https://security-tracker.debian.org/tracker/CVE-2020-6440

https://security-tracker.debian.org/tracker/CVE-2020-6441

https://security-tracker.debian.org/tracker/CVE-2020-6442

https://security-tracker.debian.org/tracker/CVE-2020-6443

https://security-tracker.debian.org/tracker/CVE-2020-6444

https://security-tracker.debian.org/tracker/CVE-2020-6445

https://security-tracker.debian.org/tracker/CVE-2020-6446

https://security-tracker.debian.org/tracker/CVE-2020-6447

https://security-tracker.debian.org/tracker/CVE-2020-6448

https://security-tracker.debian.org/tracker/CVE-2020-6454

https://security-tracker.debian.org/tracker/CVE-2020-6455

https://security-tracker.debian.org/tracker/CVE-2020-6456

https://security-tracker.debian.org/tracker/CVE-2020-6457

https://security-tracker.debian.org/tracker/CVE-2020-6458

https://security-tracker.debian.org/tracker/CVE-2020-6459

https://security-tracker.debian.org/tracker/CVE-2020-6460

https://security-tracker.debian.org/tracker/CVE-2020-6461

https://security-tracker.debian.org/tracker/CVE-2020-6462

https://security-tracker.debian.org/tracker/CVE-2020-6463

https://security-tracker.debian.org/tracker/CVE-2020-6464

https://security-tracker.debian.org/tracker/CVE-2020-6465

https://security-tracker.debian.org/tracker/CVE-2020-6466

https://security-tracker.debian.org/tracker/CVE-2020-6467

https://security-tracker.debian.org/tracker/CVE-2020-6468

https://security-tracker.debian.org/tracker/CVE-2020-6469

https://security-tracker.debian.org/tracker/CVE-2020-6470

https://security-tracker.debian.org/tracker/CVE-2020-6471

https://security-tracker.debian.org/tracker/CVE-2020-6472

https://security-tracker.debian.org/tracker/CVE-2020-6473

https://security-tracker.debian.org/tracker/CVE-2020-6474

https://security-tracker.debian.org/tracker/CVE-2020-6475

https://security-tracker.debian.org/tracker/CVE-2020-6476

https://security-tracker.debian.org/tracker/CVE-2020-6478

https://security-tracker.debian.org/tracker/CVE-2020-6479

https://security-tracker.debian.org/tracker/CVE-2020-6480

https://security-tracker.debian.org/tracker/CVE-2020-6481

https://security-tracker.debian.org/tracker/CVE-2020-6482

https://security-tracker.debian.org/tracker/CVE-2020-6483

https://security-tracker.debian.org/tracker/CVE-2020-6484

https://security-tracker.debian.org/tracker/CVE-2020-6485

https://security-tracker.debian.org/tracker/CVE-2020-6486

https://security-tracker.debian.org/tracker/CVE-2020-6487

https://security-tracker.debian.org/tracker/CVE-2020-6488

https://security-tracker.debian.org/tracker/CVE-2020-6489

https://security-tracker.debian.org/tracker/CVE-2020-6490

https://security-tracker.debian.org/tracker/CVE-2020-6491

https://security-tracker.debian.org/tracker/CVE-2020-6493

https://security-tracker.debian.org/tracker/CVE-2020-6494

https://security-tracker.debian.org/tracker/CVE-2020-6495

https://security-tracker.debian.org/tracker/CVE-2020-6496

https://security-tracker.debian.org/tracker/CVE-2020-6497

https://security-tracker.debian.org/tracker/CVE-2020-6498

https://security-tracker.debian.org/tracker/CVE-2020-6505

https://security-tracker.debian.org/tracker/CVE-2020-6506

https://security-tracker.debian.org/tracker/CVE-2020-6507

https://security-tracker.debian.org/tracker/CVE-2020-6509

https://security-tracker.debian.org/tracker/CVE-2020-6831

https://security-tracker.debian.org/tracker/source-package/chromium

https://packages.debian.org/source/buster/chromium

https://www.debian.org/security/2020/dsa-4714

Plugin Details

Severity: Critical

ID: 138066

File Name: debian_DSA-4714.nasl

Version: 1.5

Type: local

Agent: unix

Published: 7/2/2020

Updated: 5/26/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: E:H/RL:OF/RC:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: E:H/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:chromium, cpe:/o:debian:debian_linux:10.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/1/2020

Vulnerability Publication Date: 4/13/2020

Reference Information

CVE: CVE-2020-6423, CVE-2020-6430, CVE-2020-6431, CVE-2020-6432, CVE-2020-6433, CVE-2020-6434, CVE-2020-6435, CVE-2020-6436, CVE-2020-6437, CVE-2020-6438, CVE-2020-6439, CVE-2020-6440, CVE-2020-6441, CVE-2020-6442, CVE-2020-6443, CVE-2020-6444, CVE-2020-6445, CVE-2020-6446, CVE-2020-6447, CVE-2020-6448, CVE-2020-6454, CVE-2020-6455, CVE-2020-6456, CVE-2020-6457, CVE-2020-6458, CVE-2020-6459, CVE-2020-6460, CVE-2020-6461, CVE-2020-6462, CVE-2020-6463, CVE-2020-6464, CVE-2020-6465, CVE-2020-6466, CVE-2020-6467, CVE-2020-6468, CVE-2020-6469, CVE-2020-6470, CVE-2020-6471, CVE-2020-6472, CVE-2020-6473, CVE-2020-6474, CVE-2020-6475, CVE-2020-6476, CVE-2020-6478, CVE-2020-6479, CVE-2020-6480, CVE-2020-6481, CVE-2020-6482, CVE-2020-6483, CVE-2020-6484, CVE-2020-6485, CVE-2020-6486, CVE-2020-6487, CVE-2020-6488, CVE-2020-6489, CVE-2020-6490, CVE-2020-6491, CVE-2020-6493, CVE-2020-6494, CVE-2020-6495, CVE-2020-6496, CVE-2020-6497, CVE-2020-6498, CVE-2020-6505, CVE-2020-6506, CVE-2020-6507, CVE-2020-6509, CVE-2020-6831

DSA: 4714