RHEL 6 : chromium-browser (RHSA-2020:4235)

high Nessus Plugin ID 141453

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

The remote Red Hat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4235 advisory.

- chromium-browser: Use after free in payments (CVE-2020-15967)

- chromium-browser: Use after free in Blink (CVE-2020-15968)

- chromium-browser: Use after free in WebRTC (CVE-2020-15969, CVE-2020-15987)

- chromium-browser: Use after free in NFC (CVE-2020-15970)

- chromium-browser: Use after free in printing (CVE-2020-15971)

- chromium-browser: Use after free in audio (CVE-2020-15972)

- chromium-browser: Insufficient policy enforcement in extensions (CVE-2020-15973)

- chromium-browser: Integer overflow in Blink (CVE-2020-15974)

- chromium-browser: Integer overflow in SwiftShader (CVE-2020-15975)

- chromium-browser: Use after free in WebXR (CVE-2020-15976)

- chromium-browser: Insufficient data validation in dialogs (CVE-2020-15977)

- chromium-browser: Insufficient data validation in navigation (CVE-2020-15978)

- chromium-browser: Inappropriate implementation in V8 (CVE-2020-15979)

- chromium-browser: Insufficient policy enforcement in Intents (CVE-2020-15980)

- chromium-browser: Out of bounds read in audio (CVE-2020-15981)

- chromium-browser: Side-channel information leakage in cache (CVE-2020-15982)

- chromium-browser: Insufficient data validation in webUI (CVE-2020-15983)

- chromium-browser: Insufficient policy enforcement in Omnibox (CVE-2020-15984)

- chromium-browser: Inappropriate implementation in Blink (CVE-2020-15985)

- chromium-browser: Integer overflow in media (CVE-2020-15986)

- chromium-browser: Insufficient policy enforcement in downloads (CVE-2020-15988)

- chromium-browser: Uninitialized use in PDFium (CVE-2020-15989)

- chromium-browser: Use after free in autofill (CVE-2020-15990)

- chromium-browser: Use after free in password manager (CVE-2020-15991)

- chromium-browser: Insufficient policy enforcement in networking (CVE-2020-15992)

- chromium-browser: Inappropriate implementation in networking (CVE-2020-6557)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected chromium-browser package.

See Also

https://access.redhat.com/security/cve/CVE-2020-6557

https://access.redhat.com/security/cve/CVE-2020-15967

https://access.redhat.com/security/cve/CVE-2020-15968

https://access.redhat.com/security/cve/CVE-2020-15969

https://access.redhat.com/security/cve/CVE-2020-15970

https://access.redhat.com/security/cve/CVE-2020-15971

https://access.redhat.com/security/cve/CVE-2020-15972

https://access.redhat.com/security/cve/CVE-2020-15973

https://access.redhat.com/security/cve/CVE-2020-15974

https://access.redhat.com/security/cve/CVE-2020-15975

https://access.redhat.com/security/cve/CVE-2020-15976

https://access.redhat.com/security/cve/CVE-2020-15977

https://access.redhat.com/security/cve/CVE-2020-15978

https://access.redhat.com/security/cve/CVE-2020-15979

https://access.redhat.com/security/cve/CVE-2020-15980

https://access.redhat.com/security/cve/CVE-2020-15981

https://access.redhat.com/security/cve/CVE-2020-15982

https://access.redhat.com/security/cve/CVE-2020-15983

https://access.redhat.com/security/cve/CVE-2020-15984

https://access.redhat.com/security/cve/CVE-2020-15985

https://access.redhat.com/security/cve/CVE-2020-15986

https://access.redhat.com/security/cve/CVE-2020-15987

https://access.redhat.com/security/cve/CVE-2020-15988

https://access.redhat.com/security/cve/CVE-2020-15989

https://access.redhat.com/security/cve/CVE-2020-15990

https://access.redhat.com/security/cve/CVE-2020-15991

https://access.redhat.com/security/cve/CVE-2020-15992

https://access.redhat.com/errata/RHSA-2020:4235

https://bugzilla.redhat.com/1885883

https://bugzilla.redhat.com/1885884

https://bugzilla.redhat.com/1885885

https://bugzilla.redhat.com/1885886

https://bugzilla.redhat.com/1885887

https://bugzilla.redhat.com/1885888

https://bugzilla.redhat.com/1885889

https://bugzilla.redhat.com/1885890

https://bugzilla.redhat.com/1885891

https://bugzilla.redhat.com/1885892

https://bugzilla.redhat.com/1885893

https://bugzilla.redhat.com/1885894

https://bugzilla.redhat.com/1885896

https://bugzilla.redhat.com/1885897

https://bugzilla.redhat.com/1885899

https://bugzilla.redhat.com/1885901

https://bugzilla.redhat.com/1885902

https://bugzilla.redhat.com/1885903

https://bugzilla.redhat.com/1885904

https://bugzilla.redhat.com/1885905

https://bugzilla.redhat.com/1885906

https://bugzilla.redhat.com/1885907

https://bugzilla.redhat.com/1885908

https://bugzilla.redhat.com/1885909

https://bugzilla.redhat.com/1885910

https://bugzilla.redhat.com/1885911

https://bugzilla.redhat.com/1885912

Plugin Details

Severity: High

ID: 141453

File Name: redhat-RHSA-2020-4235.nasl

Version: 1.7

Type: local

Agent: unix

Published: 10/14/2020

Updated: 10/12/2021

Dependencies: ssh_get_info.nasl, redhat_repos.nasl

Risk Information

CVSS Score Source: CVE-2020-15992

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:redhat:enterprise_linux:6, cpe:/o:redhat:rhel_eus:6.0, p-cpe:/a:redhat:enterprise_linux:chromium-browser

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 10/13/2020

Vulnerability Publication Date: 10/6/2020

Reference Information

CVE: CVE-2020-6557, CVE-2020-15967, CVE-2020-15968, CVE-2020-15969, CVE-2020-15970, CVE-2020-15971, CVE-2020-15972, CVE-2020-15973, CVE-2020-15974, CVE-2020-15975, CVE-2020-15976, CVE-2020-15977, CVE-2020-15978, CVE-2020-15979, CVE-2020-15980, CVE-2020-15981, CVE-2020-15982, CVE-2020-15983, CVE-2020-15984, CVE-2020-15985, CVE-2020-15986, CVE-2020-15987, CVE-2020-15988, CVE-2020-15989, CVE-2020-15990, CVE-2020-15991, CVE-2020-15992

RHSA: 2020:4235

IAVA: 2020-A-0443-S, 2020-A-0472-S, 2020-A-0486-S