Detections
Analytics

openSUSE 15 Security Update : opera (openSUSE-SU-2021:1488-1)

critical Nessus Plugin ID 155652

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1488-1 advisory.

 - Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
 (CVE-2021-37981)

 - Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37982)

 - Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37983)

 - Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37984)

 - Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page.
 (CVE-2021-37985)

 - Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37986)

 - Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37987)

 - Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page.
 (CVE-2021-37988)

 - Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via a crafted HTML page. (CVE-2021-37989)

 - Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote attacker to leak cross-origin data via a crafted app. (CVE-2021-37990)

 - Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37991)

 - Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37992)

 - Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37993)

 - Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-37994)

 - Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
 (CVE-2021-37995)

 - Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a malicious file. (CVE-2021-37996)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected opera package.

See Also

http://www.nessus.org/u?2a94c608

https://www.suse.com/security/cve/CVE-2021-37981

https://www.suse.com/security/cve/CVE-2021-37982

https://www.suse.com/security/cve/CVE-2021-37983

https://www.suse.com/security/cve/CVE-2021-37984

https://www.suse.com/security/cve/CVE-2021-37985

https://www.suse.com/security/cve/CVE-2021-37986

https://www.suse.com/security/cve/CVE-2021-37987

https://www.suse.com/security/cve/CVE-2021-37988

https://www.suse.com/security/cve/CVE-2021-37989

https://www.suse.com/security/cve/CVE-2021-37990

https://www.suse.com/security/cve/CVE-2021-37991

https://www.suse.com/security/cve/CVE-2021-37992

https://www.suse.com/security/cve/CVE-2021-37993

https://www.suse.com/security/cve/CVE-2021-37994

https://www.suse.com/security/cve/CVE-2021-37995

https://www.suse.com/security/cve/CVE-2021-37996

Plugin Details

Severity: Critical

ID: 155652

File Name: openSUSE-2021-1488.nasl

Version: 1.4

Type: local

Agent: unix

Published: 11/20/2021

Updated: 5/6/2022

Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2021-37993

CVSS v3

Risk Factor: Critical

Base Score: 9.6

Temporal Score: 8.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2021-37981

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:opera, cpe:/o:novell:opensuse:15.2

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 11/19/2021

Vulnerability Publication Date: 10/19/2021

Reference Information

CVE: CVE-2021-37981, CVE-2021-37982, CVE-2021-37983, CVE-2021-37984, CVE-2021-37985, CVE-2021-37986, CVE-2021-37987, CVE-2021-37988, CVE-2021-37989, CVE-2021-37990, CVE-2021-37991, CVE-2021-37992, CVE-2021-37993, CVE-2021-37994, CVE-2021-37995, CVE-2021-37996

IAVA: 2021-A-0491-S