Debian dsa-6316 : chromium - security update

critical Nessus Plugin ID 318078

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6316 advisory.

- ------------------------------------------------------------------------- Debian Security Advisory DSA-6316-1 [email protected] https://www.debian.org/security/ Andres Salomon May 31, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : chromium CVE ID : CVE-2026-9872 CVE-2026-9873 CVE-2026-9874 CVE-2026-9875 CVE-2026-9876 CVE-2026-9877 CVE-2026-9878 CVE-2026-9879 CVE-2026-9880 CVE-2026-9881 CVE-2026-9882 CVE-2026-9883 CVE-2026-9884 CVE-2026-9885 CVE-2026-9886 CVE-2026-9887 CVE-2026-9888 CVE-2026-9889 CVE-2026-9890 CVE-2026-9891 CVE-2026-9892 CVE-2026-9893 CVE-2026-9894 CVE-2026-9895 CVE-2026-9896 CVE-2026-9897 CVE-2026-9898 CVE-2026-9899 CVE-2026-9900 CVE-2026-9901 CVE-2026-9902 CVE-2026-9903 CVE-2026-9904 CVE-2026-9905 CVE-2026-9906 CVE-2026-9907 CVE-2026-9908 CVE-2026-9909 CVE-2026-9910 CVE-2026-9911 CVE-2026-9912 CVE-2026-9913 CVE-2026-9914 CVE-2026-9915 CVE-2026-9916 CVE-2026-9917 CVE-2026-9918 CVE-2026-9919 CVE-2026-9920 CVE-2026-9921 CVE-2026-9922 CVE-2026-9923 CVE-2026-9924 CVE-2026-9925 CVE-2026-9926 CVE-2026-9927 CVE-2026-9928 CVE-2026-9929 CVE-2026-9930 CVE-2026-9931 CVE-2026-9932 CVE-2026-9933 CVE-2026-9934 CVE-2026-9935 CVE-2026-9936 CVE-2026-9937 CVE-2026-9938 CVE-2026-9939 CVE-2026-9940 CVE-2026-9941 CVE-2026-9942 CVE-2026-9943 CVE-2026-9944 CVE-2026-9945 CVE-2026-9946 CVE-2026-9947 CVE-2026-9948 CVE-2026-9949 CVE-2026-9950 CVE-2026-9951 CVE-2026-9952 CVE-2026-9953 CVE-2026-9954 CVE-2026-9955 CVE-2026-9956 CVE-2026-9957 CVE-2026-9958 CVE-2026-9959 CVE-2026-9960 CVE-2026-9961 CVE-2026-9962 CVE-2026-9963 CVE-2026-9964 CVE-2026-9965 CVE-2026-9966 CVE-2026-9967 CVE-2026-9968 CVE-2026-9969 CVE-2026-9970 CVE-2026-9971 CVE-2026-9972 CVE-2026-9973 CVE-2026-9974 CVE-2026-9975 CVE-2026-9976 CVE-2026-9977 CVE-2026-9978 CVE-2026-9979 CVE-2026-9980 CVE-2026-9981 CVE-2026-9982 CVE-2026-9983 CVE-2026-9984 CVE-2026-9985 CVE-2026-9986 CVE-2026-9987 CVE-2026-9988 CVE-2026-9989 CVE-2026-9990 CVE-2026-9991 CVE-2026-9992 CVE-2026-9993 CVE-2026-9994 CVE-2026-9995 CVE-2026-9996 CVE-2026-9997 CVE-2026-9998 CVE-2026-9999 CVE-2026-10000 CVE-2026-10001 CVE-2026-10002 CVE-2026-10003 CVE-2026-10004 CVE-2026-10005 CVE-2026-10006 CVE-2026-10007 CVE-2026-10008 CVE-2026-10009 CVE-2026-10010 CVE-2026-10011 CVE-2026-10012 CVE-2026-10013 CVE-2026-10014 CVE-2026-10015 CVE-2026-10016 CVE-2026-10017 CVE-2026-10018 CVE-2026-10019 CVE-2026-10020 CVE-2026-10021 CVE-2026-10022

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

For the oldstable distribution (bookworm), these problems have been fixed in version 148.0.7778.215-1~deb12u1.

For the stable distribution (trixie), these problems have been fixed in version 148.0.7778.215-1~deb13u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/chromium

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: [email protected]

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the chromium packages.

Plugin Details

Severity: Critical

ID: 318078

File Name: debian_DSA-6316.nasl

Version: 1.1

Type: Local

Agent: unix

Family: Debian Local Security Checks

Published: 6/1/2026

Updated: 6/1/2026

Supported Sensors: Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2026-9887

CVSS v3

Risk Factor: Critical

Base Score: 9.6

Temporal Score: 8.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2026-9874

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:chromium-common, p-cpe:/a:debian:debian_linux:chromium-l10n, p-cpe:/a:debian:debian_linux:chromium-shell, p-cpe:/a:debian:debian_linux:chromium, cpe:/o:debian:debian_linux:12.0, p-cpe:/a:debian:debian_linux:chromium-headless-shell, p-cpe:/a:debian:debian_linux:chromium-sandbox, p-cpe:/a:debian:debian_linux:chromium-driver, cpe:/o:debian:debian_linux:13.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 5/31/2026

Vulnerability Publication Date: 5/27/2026

Reference Information

CVE: CVE-2026-10000, CVE-2026-10001, CVE-2026-10002, CVE-2026-10003, CVE-2026-10004, CVE-2026-10005, CVE-2026-10006, CVE-2026-10007, CVE-2026-10008, CVE-2026-10009, CVE-2026-10010, CVE-2026-10011, CVE-2026-10012, CVE-2026-10013, CVE-2026-10014, CVE-2026-10015, CVE-2026-10016, CVE-2026-10017, CVE-2026-10018, CVE-2026-10019, CVE-2026-10020, CVE-2026-10021, CVE-2026-10022, CVE-2026-9872, CVE-2026-9873, CVE-2026-9874, CVE-2026-9875, CVE-2026-9876, CVE-2026-9877, CVE-2026-9878, CVE-2026-9879, CVE-2026-9880, CVE-2026-9881, CVE-2026-9882, CVE-2026-9883, CVE-2026-9884, CVE-2026-9885, CVE-2026-9886, CVE-2026-9887, CVE-2026-9888, CVE-2026-9889, CVE-2026-9890, CVE-2026-9891, CVE-2026-9892, CVE-2026-9893, CVE-2026-9894, CVE-2026-9895, CVE-2026-9896, CVE-2026-9897, CVE-2026-9898, CVE-2026-9899, CVE-2026-9900, CVE-2026-9901, CVE-2026-9902, CVE-2026-9903, CVE-2026-9904, CVE-2026-9905, CVE-2026-9906, CVE-2026-9907, CVE-2026-9908, CVE-2026-9909, CVE-2026-9910, CVE-2026-9911, CVE-2026-9912, CVE-2026-9913, CVE-2026-9914, CVE-2026-9915, CVE-2026-9916, CVE-2026-9917, CVE-2026-9918, CVE-2026-9919, CVE-2026-9920, CVE-2026-9921, CVE-2026-9922, CVE-2026-9923, CVE-2026-9924, CVE-2026-9925, CVE-2026-9926, CVE-2026-9927, CVE-2026-9928, CVE-2026-9929, CVE-2026-9930, CVE-2026-9931, CVE-2026-9932, CVE-2026-9933, CVE-2026-9934, CVE-2026-9935, CVE-2026-9936, CVE-2026-9937, CVE-2026-9938, CVE-2026-9939, CVE-2026-9940, CVE-2026-9941, CVE-2026-9942, CVE-2026-9943, CVE-2026-9944, CVE-2026-9945, CVE-2026-9946, CVE-2026-9947, CVE-2026-9948, CVE-2026-9949, CVE-2026-9950, CVE-2026-9951, CVE-2026-9952, CVE-2026-9953, CVE-2026-9954, CVE-2026-9955, CVE-2026-9956, CVE-2026-9957, CVE-2026-9958, CVE-2026-9959, CVE-2026-9960, CVE-2026-9961, CVE-2026-9962, CVE-2026-9963, CVE-2026-9964, CVE-2026-9965, CVE-2026-9966, CVE-2026-9967, CVE-2026-9968, CVE-2026-9969, CVE-2026-9970, CVE-2026-9971, CVE-2026-9972, CVE-2026-9973, CVE-2026-9974, CVE-2026-9975, CVE-2026-9976, CVE-2026-9977, CVE-2026-9978, CVE-2026-9979, CVE-2026-9980, CVE-2026-9981, CVE-2026-9982, CVE-2026-9983, CVE-2026-9984, CVE-2026-9985, CVE-2026-9986, CVE-2026-9987, CVE-2026-9988, CVE-2026-9989, CVE-2026-9990, CVE-2026-9991, CVE-2026-9992, CVE-2026-9993, CVE-2026-9994, CVE-2026-9995, CVE-2026-9996, CVE-2026-9997, CVE-2026-9998, CVE-2026-9999

Detections

Analytics