openSUSE 15 Security Update : opera (openSUSE-SU-2021:1488-1)

critical Nessus Plugin ID 155652

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1488-1 advisory.

- Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
(CVE-2021-37981)

- Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37982)

- Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37983)

- Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37984)

- Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page.
(CVE-2021-37985)

- Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37986)

- Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37987)

- Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page.
(CVE-2021-37988)

- Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via a crafted HTML page. (CVE-2021-37989)

- Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote attacker to leak cross-origin data via a crafted app. (CVE-2021-37990)

- Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37991)

- Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37992)

- Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37993)

- Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-37994)

- Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
(CVE-2021-37995)

- Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a malicious file. (CVE-2021-37996)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected opera package.

See Also

http://www.nessus.org/u?2a94c608

https://www.suse.com/security/cve/CVE-2021-37981

https://www.suse.com/security/cve/CVE-2021-37982

https://www.suse.com/security/cve/CVE-2021-37983

https://www.suse.com/security/cve/CVE-2021-37984

https://www.suse.com/security/cve/CVE-2021-37985

https://www.suse.com/security/cve/CVE-2021-37986

https://www.suse.com/security/cve/CVE-2021-37987

https://www.suse.com/security/cve/CVE-2021-37988

https://www.suse.com/security/cve/CVE-2021-37989

https://www.suse.com/security/cve/CVE-2021-37990

https://www.suse.com/security/cve/CVE-2021-37991

https://www.suse.com/security/cve/CVE-2021-37992

https://www.suse.com/security/cve/CVE-2021-37993

https://www.suse.com/security/cve/CVE-2021-37994

https://www.suse.com/security/cve/CVE-2021-37995

https://www.suse.com/security/cve/CVE-2021-37996

Plugin Details

Severity: Critical

ID: 155652

File Name: openSUSE-2021-1488.nasl

Version: 1.4

Type: local

Agent: unix

Published: 11/20/2021

Updated: 5/6/2022

Supported Sensors: Nessus Agent

Risk Information

CVSS Score Source: CVE-2021-37993

VPR

Risk Factor: High

Score: 8.1

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

CVSS v3

Risk Factor: Critical

Base Score: 9.6

Temporal Score: 8.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:opera, cpe:/o:novell:opensuse:15.2

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 11/19/2021

Vulnerability Publication Date: 10/19/2021

Reference Information

CVE: CVE-2021-37981, CVE-2021-37982, CVE-2021-37983, CVE-2021-37984, CVE-2021-37985, CVE-2021-37986, CVE-2021-37987, CVE-2021-37988, CVE-2021-37989, CVE-2021-37990, CVE-2021-37991, CVE-2021-37992, CVE-2021-37993, CVE-2021-37994, CVE-2021-37995, CVE-2021-37996

IAVA: 2021-A-0491-S