FreeBSD : chromium -- multiple vulnerabilities (674ed047-be0a-11eb-b927-3065ec8fd3ec)

high Nessus Plugin ID 150015

Language:

New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Chrome Releases reports :

This release contains 32 security fixes, including :

- [1208721] High CVE-2021-30521: Heap buffer overflow in Autofill.
Reported by ZhanJia Song on 2021-05-13

- [1176218] High CVE-2021-30522: Use after free in WebAudio. Reported by Piotr Bania of Cisco Talos on 2021-02-09

- [1187797] High CVE-2021-30523: Use after free in WebRTC. Reported by Tolyan Korniltsev on 2021-03-13

- [1197146] High CVE-2021-30524: Use after free in TabStrip. Reported by David Erceg on 2021-04-08

- [1197888] High CVE-2021-30525: Use after free in TabGroups. Reported by David Erceg on 2021-04-11

- [1198717] High CVE-2021-30526: Out of bounds write in TabStrip.
Reported by David Erceg on 2021-04-13

- [1199198] High CVE-2021-30527: Use after free in WebUI. Reported by David Erceg on 2021-04-15

- [1206329] High CVE-2021-30528: Use after free in WebAuthentication.
Reported by Man Yue Mo of GitHub Security Lab on 2021-05-06

- [1195278] Medium CVE-2021-30529: Use after free in Bookmarks.
Reported by koocola (@alo_cook) and Nan Wang (@eternalsakura13) of 360 Alpha Lab on 2021-04-02

- [1201033] Medium CVE-2021-30530: Out of bounds memory access in WebAudio. Reported by kkwon on 2021-04-21

- [1115628] Medium CVE-2021-30531: Insufficient policy enforcement in Content Security Policy. Reported by Philip Papurt on 2020-08-12

- [1117687] Medium CVE-2021-30532: Insufficient policy enforcement in Content Security Policy. Reported by Philip Papurt on 2020-08-18

- [1145553] Medium CVE-2021-30533: Insufficient policy enforcement in PopupBlocker. Reported by Eliya Stein on 2020-11-04

- [1151507] Medium CVE-2021-30534: Insufficient policy enforcement in iFrameSandbox. Reported by Alesandro Ortiz on 2020-11-20

- [1194899] Medium CVE-2021-30535: Double free in ICU. Reported by nocma, leogan, cheneyxu of WeChat Open Platform Security Team on 2021-04-01

- [1145024] Medium CVE-2021-21212: Insufficient data validation in networking. Reported by Hugo Hue and Sze Yiu Chau of the Chinese University of Hong Kong on 2020-11-03

- [1194358] Low CVE-2021-30536: Out of bounds read in V8. Reported by Chris Salls (@salls) on 2021-03-31

- [830101] Low CVE-2021-30537: Insufficient policy enforcement in cookies. Reported by Jun Kokatsu (@shhnjk) on 2018-04-06

- [1115045] Low CVE-2021-30538: Insufficient policy enforcement in content security policy. Reported by Tianze Ding (@D1iv3) of Tencent Security Xuanwu Lab on 2020-08-11

- [971231] Low CVE-2021-30539: Insufficient policy enforcement in content security policy. Reported by unnamed researcher on 2019-06-05

- [1184147] Low CVE-2021-30540: Incorrect security UI in payments.
Reported by @retsew0x01 on 2021-03-03

Solution

Update the affected package.

See Also

http://www.nessus.org/u?3a02fb7a

http://www.nessus.org/u?b872e03f

Plugin Details

Severity: High

ID: 150015

File Name: freebsd_pkg_674ed047be0a11ebb9273065ec8fd3ec.nasl

Version: 1.6

Type: local

Published: 5/27/2021

Updated: 6/28/2021

Dependencies: ssh_get_info.nasl

Risk Information

CVSS Score Source: CVE-2021-30535

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:chromium, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 5/26/2021

Vulnerability Publication Date: 5/25/2021

Reference Information

CVE: CVE-2021-21212, CVE-2021-30521, CVE-2021-30522, CVE-2021-30523, CVE-2021-30524, CVE-2021-30525, CVE-2021-30526, CVE-2021-30527, CVE-2021-30528, CVE-2021-30529, CVE-2021-30530, CVE-2021-30531, CVE-2021-30532, CVE-2021-30533, CVE-2021-30534, CVE-2021-30535, CVE-2021-30536, CVE-2021-30537, CVE-2021-30538, CVE-2021-30539, CVE-2021-30540

IAVA: 2021-A-0253-S