FreeBSD : chromium -- multiple vulnerabilities (64988354-0889-11eb-a01b-e09467587c17)

high Nessus Plugin ID 141284

Language:

New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Chrome releases reports :

This release contains 35 security fixes, including :

- [1127322] Critical CVE-2020-15967: Use after free in payments.
Reported by Man Yue Mo of GitHub Security Lab on 2020-09-11

- [1126424] High CVE-2020-15968: Use after free in Blink. Reported by Anonymous on 2020-09-09

- [1124659] High CVE-2020-15969: Use after free in WebRTC. Reported by Anonymous on 2020-09-03

- [1108299] High CVE-2020-15970: Use after free in NFC. Reported by Man Yue Mo of GitHub Security Lab on 2020-07-22

- [1114062] High CVE-2020-15971: Use after free in printing. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-08-07

- [1115901] High CVE-2020-15972: Use after free in audio. Reported by Anonymous on 2020-08-13

- [1133671] High CVE-2020-15990: Use after free in autofill. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 on 2020-09-30

- [1133688] High CVE-2020-15991: Use after free in password manager.
Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 on 2020-09-30

- [1106890] Medium CVE-2020-15973: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-07-17

- [1104103] Medium CVE-2020-15974: Integer overflow in Blink. Reported by Juno Im (junorouse) of Theori on 2020-07-10

- [1110800] Medium CVE-2020-15975: Integer overflow in SwiftShader.
Reported by Anonymous on 2020-07-29

- [1123522] Medium CVE-2020-15976: Use after free in WebXR. Reported by YoungJoo Lee (@ashuu_lee) of Raon Whitehat on 2020-08-31

- [1083278] Medium CVE-2020-6557: Inappropriate implementation in networking. Reported by Matthias Gierlings and Marcus Brinkmann (NDS Ruhr-University Bochum) on 2020-05-15

- [1097724] Medium CVE-2020-15977: Insufficient data validation in dialogs. Reported by Narendra Bhati (@imnarendrabhati) on 2020-06-22

- [1116280] Medium CVE-2020-15978: Insufficient data validation in navigation. Reported by Luan Herrera (@lbherrera_) on 2020-08-14

- [1127319] Medium CVE-2020-15979: Inappropriate implementation in V8.
Reported by Avihay Cohen (@SeraphicAlgorithms) on 2020-09-11

- [1092453] Medium CVE-2020-15980: Insufficient policy enforcement in Intents. Reported by Yongke Wang (@Rudykewang) and Aryb1n (@aryb1n) of Tencent Security Xuanwu Lab on 2020-06-08

- [1123023] Medium CVE-2020-15981: Out of bounds read in audio.
Reported by Christoph Guttandin on 2020-08-28

- [1039882] Medium CVE-2020-15982: Side-channel information leakage in cache. Reported by Luan Herrera (@lbherrera_) on 2020-01-07

- [1076786] Medium CVE-2020-15983: Insufficient data validation in webUI. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-04-30

- [1080395] Medium CVE-2020-15984: Insufficient policy enforcement in Omnibox. Reported by Rayyan Bijoora on 2020-05-07

- [1099276] Medium CVE-2020-15985: Inappropriate implementation in Blink. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2020-06-25

- [1100247] Medium CVE-2020-15986: Integer overflow in media. Reported by Mark Brand of Google Project Zero on 2020-06-29

- [1127774] Medium CVE-2020-15987: Use after free in WebRTC. Reported by Philipp Hancke on 2020-09-14

- [1110195] Medium CVE-2020-15992: Insufficient policy enforcement in networking. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-07-28

- [1092518] Low CVE-2020-15988: Insufficient policy enforcement in downloads. Reported by Samuel Attard on 2020-06-08

- [1108351] Low CVE-2020-15989: Uninitialized Use in PDFium. Reported by Gareth Evans (Microsoft) on 2020-07-22

Solution

Update the affected package.

See Also

http://www.nessus.org/u?ac3b0244

http://www.nessus.org/u?12510b9f

Plugin Details

Severity: High

ID: 141284

File Name: freebsd_pkg_64988354088911eba01be09467587c17.nasl

Version: 1.6

Type: local

Published: 10/8/2020

Updated: 11/12/2020

Dependencies: ssh_get_info.nasl

Risk Information

CVSS Score Source: CVE-2020-15992

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:chromium, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 10/7/2020

Vulnerability Publication Date: 10/6/2020

Reference Information

CVE: CVE-2020-15967, CVE-2020-15968, CVE-2020-15969, CVE-2020-15970, CVE-2020-15971, CVE-2020-15972, CVE-2020-15973, CVE-2020-15974, CVE-2020-15975, CVE-2020-15976, CVE-2020-15977, CVE-2020-15978, CVE-2020-15979, CVE-2020-15980, CVE-2020-15981, CVE-2020-15982, CVE-2020-15983, CVE-2020-15984, CVE-2020-15985, CVE-2020-15986, CVE-2020-15987, CVE-2020-15988, CVE-2020-15989, CVE-2020-15990, CVE-2020-15991, CVE-2020-15992, CVE-2020-6557

IAVA: 2020-A-0443-S