Detections
Analytics

openSUSE 16 Security Update : chromium (openSUSE-SU-2026:20849-1)

critical Nessus Plugin ID 318249

Synopsis

The remote openSUSE host is missing one or more security updates.

Description

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20849-1 advisory.

 Changes in chromium:

 - Chromium 148.0.7778.215 (boo#1266471):
 * CVE-2026-9872: Out of bounds write in GPU
 * CVE-2026-9873: Use after free in Network
 * CVE-2026-9874: Use after free in Dawn
 * CVE-2026-9875: Out of bounds read in WebGL
 * CVE-2026-9876: Use after free in WebGL
 * CVE-2026-9877: Use after free in ANGLE
 * CVE-2026-9878: Use after free in ANGLE
 * CVE-2026-9879: Out of bounds write in ANGLE
 * CVE-2026-9880: Insufficient validation of untrusted input in WebGL
 * CVE-2026-9881: Use after free in Bluetooth
 * CVE-2026-9882: Integer overflow in ANGLE
 * CVE-2026-9883: Use after free in Base
 * CVE-2026-9884: Use after free in Browser
 * CVE-2026-9885: Insufficient validation of untrusted input in UI
 * CVE-2026-9886: Use after free in Base
 * CVE-2026-9887: Use after free in Proxy
 * CVE-2026-9888: Use after free in WebView
 * CVE-2026-9889: Out of bounds read and write in Dawn
 * CVE-2026-9890: Use after free in XR
 * CVE-2026-9891: Use after free in Extensions
 * CVE-2026-9892: Inappropriate implementation in Skia
 * CVE-2026-9893: Use after free in Skia
 * CVE-2026-9894: Use after free in GPU
 * CVE-2026-9895: Out of bounds read in GPU
 * CVE-2026-9896: Out of bounds write in V8
 * CVE-2026-9897: Use after free in DOM
 * CVE-2026-9898: Insufficient validation of untrusted input in GPU
 * CVE-2026-9899: Use after free in ANGLE
 * CVE-2026-9900: Out of bounds write in ANGLE
 * CVE-2026-9901: Use after free in ANGLE
 * CVE-2026-9902: Use after free in Accessibility
 * CVE-2026-9903: Insufficient validation of untrusted input in Site Isolation
 * CVE-2026-9904: Use after free in ANGLE
 * CVE-2026-9905: Use after free in Accessibility
 * CVE-2026-9906: Out of bounds write in GPU
 * CVE-2026-9907: Out of bounds read in Dawn
 * CVE-2026-9908: Out of bounds read in ANGLE
 * CVE-2026-9909: Integer overflow in Skia
 * CVE-2026-9910: Out of bounds memory access in ANGLE
 * CVE-2026-9911: Integer overflow in ANGLE
 * CVE-2026-9912: Inappropriate implementation in GPU
 * CVE-2026-9913: Inappropriate implementation in ANGLE
 * CVE-2026-9914: Insufficient validation of untrusted input in ANGLE
 * CVE-2026-9915: Heap buffer overflow in ANGLE
 * CVE-2026-9916: Out of bounds write in ANGLE
 * CVE-2026-9917: Uninitialized Use in WebGL
 * CVE-2026-9918: Inappropriate implementation in Tint
 * CVE-2026-9919: Out of bounds read in WebGL
 * CVE-2026-9920: Uninitialized Use in GPU
 * CVE-2026-9921: Uninitialized Use in WebGL
 * CVE-2026-9922: Use after free in GPU
 * CVE-2026-9923: Use after free in Skia
 * CVE-2026-9924: Heap buffer overflow in ANGLE
 * CVE-2026-9925: Use after free in ANGLE
 * CVE-2026-9926: Heap buffer overflow in ANGLE
 * CVE-2026-9927: Use after free in ANGLE
 * CVE-2026-9928: Out of bounds read in ANGLE
 * CVE-2026-9929: Inappropriate implementation in WebGL
 * CVE-2026-9930: Out of bounds write in Dawn
 * CVE-2026-9931: Use after free in GPU
 * CVE-2026-9932: Use after free in ANGLE
 * CVE-2026-9933: Use after free in Input
 * CVE-2026-9934: Use after free in Aura
 * CVE-2026-9935: Uninitialized Use in ANGLE
 * CVE-2026-9936: Use after free in GFX
 * CVE-2026-9937: Use after free in UI
 * CVE-2026-9938: Inappropriate implementation in V8
 * CVE-2026-9939: Heap buffer overflow in WebCodecs
 * CVE-2026-9940: Heap buffer overflow in ANGLE
 * CVE-2026-9941: Use after free in ANGLE
 * CVE-2026-9942: Uninitialized Use in ANGLE
 * CVE-2026-9943: Out of bounds read in WebGL
 * CVE-2026-9944: Uninitialized Use in ANGLE
 * CVE-2026-9945: Use after free in Media
 * CVE-2026-9946: Use after free in ANGLE
 * CVE-2026-9947: Use after free in XML
 * CVE-2026-9948: Use after free in Views
 * CVE-2026-9949: Use after free in Core
 * CVE-2026-9950: Insufficient validation of untrusted input in iOS
 * CVE-2026-9951: Use after free in UI
 * CVE-2026-9952: Use after free in WebAudio
 * CVE-2026-9953: Out of bounds read in ANGLE
 * CVE-2026-9954: Use after free in TabStrip
 * CVE-2026-9955: Inappropriate implementation in iOS
 * CVE-2026-9956: Use after free in iOS
 * CVE-2026-9957: Use after free in PDF
 * CVE-2026-9958: Use after free in PDFium
 * CVE-2026-9959: Race in WebRTC
 * CVE-2026-9960: Integer overflow in PDFium
 * CVE-2026-9961: Use after free in SurfaceCapture
 * CVE-2026-9962: Use after free in WebRTC
 * CVE-2026-9963: Uninitialized Use in iOS
 * CVE-2026-9964: Use after free in Bluetooth
 * CVE-2026-9965: Out of bounds write in ANGLE
 * CVE-2026-9966: Integer overflow in XML
 * CVE-2026-9967: Out of bounds write in GPU
 * CVE-2026-9968: Integer overflow in V8
 * CVE-2026-9969: Insufficient validation of untrusted input in ANGLE
 * CVE-2026-9970: Use after free in WebGL
 * CVE-2026-9971: Inappropriate implementation in iOS
 * CVE-2026-9972: Uninitialized Use in Gamepad
 * CVE-2026-9973: Out of bounds write in V8
 * CVE-2026-9974: Out of bounds write in GPU
 * CVE-2026-9975: Out of bounds read and write in ANGLE
 * CVE-2026-9976: Inappropriate implementation in USB
 * CVE-2026-9977: Insufficient validation of untrusted input in WebShare
 * CVE-2026-9978: Use after free in Glic
 * CVE-2026-9979: Insufficient validation of untrusted input in Input
 * CVE-2026-9980: Insufficient validation of untrusted input in Printing
 * CVE-2026-9981: Inappropriate implementation in Skia
 * CVE-2026-9982: Insufficient validation of untrusted input in ANGLE
 * CVE-2026-9983: Type Confusion in Skia
 * CVE-2026-9984: Use after free in UI
 * CVE-2026-9985: Insufficient validation of untrusted input in Media
 * CVE-2026-9986: Insufficient validation of untrusted input in OptimizationGuide
 * CVE-2026-9987: Insufficient validation of untrusted input in WebAppInstalls
 * CVE-2026-9988: Use after free in WebRTC
 * CVE-2026-9989: Inappropriate implementation in Media
 * CVE-2026-9990: Use after free in WebAppInstalls
 * CVE-2026-9991: Inappropriate implementation in Media
 * CVE-2026-9992: Use after free in Network
 * CVE-2026-9993: Use after free in Views
 * CVE-2026-9994: Use after free in Core
 * CVE-2026-9995: Use after free in WebXR
 * CVE-2026-9996: Out of bounds read in WebRTC
 * CVE-2026-9997: Use after free in Input
 * CVE-2026-9998: Integer overflow in Skia
 * CVE-2026-9999: Inappropriate implementation in ANGLE
 * CVE-2026-10000: Use after free in Passwords
 * CVE-2026-10001: Use after free in PerformanceManager
 * CVE-2026-10002: Use after free in PDFium
 * CVE-2026-10003: Use after free in Views
 * CVE-2026-10004: Insufficient validation of untrusted input in Passwords
 * CVE-2026-10005: Use after free in WebAppInstalls
 * CVE-2026-10006: Race in WebAudio
 * CVE-2026-10007: Use after free in SVG
 * CVE-2026-10008: Uninitialized Use in GPU
 * CVE-2026-10009: Integer overflow in Skia
 * CVE-2026-10010: Inappropriate implementation in Input
 * CVE-2026-10011: Inappropriate implementation in Skia
 * CVE-2026-10012: Use after free in Skia
 * CVE-2026-10013: Use after free in WebCodecs
 * CVE-2026-10014: Use after free in WebMIDI
 * CVE-2026-10015: Integer overflow in WTF
 * CVE-2026-10016: Use after free in DOM
 * CVE-2026-10017: Out of bounds read in Headless
 * CVE-2026-10018: Integer overflow in ANGLE
 * CVE-2026-10019: Integer overflow in ANGLE
 * CVE-2026-10020: Insufficient validation of untrusted input in Skia
 * CVE-2026-10021: Insufficient validation of untrusted input in USB
 * CVE-2026-10022: Type Confusion in V8

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected chromedriver and / or chromium packages.

See Also

https://bugzilla.suse.com/1266471

https://www.suse.com/security/cve/CVE-2026-10000

https://www.suse.com/security/cve/CVE-2026-9881

https://www.suse.com/security/cve/CVE-2026-9882

https://www.suse.com/security/cve/CVE-2026-9883

https://www.suse.com/security/cve/CVE-2026-9884

https://www.suse.com/security/cve/CVE-2026-9885

https://www.suse.com/security/cve/CVE-2026-9886

https://www.suse.com/security/cve/CVE-2026-9887

https://www.suse.com/security/cve/CVE-2026-9888

https://www.suse.com/security/cve/CVE-2026-9889

https://www.suse.com/security/cve/CVE-2026-9890

https://www.suse.com/security/cve/CVE-2026-9891

https://www.suse.com/security/cve/CVE-2026-9892

https://www.suse.com/security/cve/CVE-2026-9893

https://www.suse.com/security/cve/CVE-2026-9894

https://www.suse.com/security/cve/CVE-2026-9895

https://www.suse.com/security/cve/CVE-2026-9896

https://www.suse.com/security/cve/CVE-2026-9897

https://www.suse.com/security/cve/CVE-2026-9898

https://www.suse.com/security/cve/CVE-2026-9899

https://www.suse.com/security/cve/CVE-2026-9900

https://www.suse.com/security/cve/CVE-2026-9901

https://www.suse.com/security/cve/CVE-2026-9902

https://www.suse.com/security/cve/CVE-2026-9903

https://www.suse.com/security/cve/CVE-2026-9904

https://www.suse.com/security/cve/CVE-2026-9905

https://www.suse.com/security/cve/CVE-2026-9906

https://www.suse.com/security/cve/CVE-2026-9907

https://www.suse.com/security/cve/CVE-2026-9908

https://www.suse.com/security/cve/CVE-2026-9909

https://www.suse.com/security/cve/CVE-2026-9910

https://www.suse.com/security/cve/CVE-2026-9911

https://www.suse.com/security/cve/CVE-2026-9912

https://www.suse.com/security/cve/CVE-2026-9913

https://www.suse.com/security/cve/CVE-2026-9914

https://www.suse.com/security/cve/CVE-2026-9915

https://www.suse.com/security/cve/CVE-2026-9916

https://www.suse.com/security/cve/CVE-2026-9917

https://www.suse.com/security/cve/CVE-2026-9918

https://www.suse.com/security/cve/CVE-2026-9919

https://www.suse.com/security/cve/CVE-2026-9920

https://www.suse.com/security/cve/CVE-2026-9921

https://www.suse.com/security/cve/CVE-2026-9922

https://www.suse.com/security/cve/CVE-2026-9923

https://www.suse.com/security/cve/CVE-2026-9924

https://www.suse.com/security/cve/CVE-2026-9925

https://www.suse.com/security/cve/CVE-2026-9926

https://www.suse.com/security/cve/CVE-2026-9927

https://www.suse.com/security/cve/CVE-2026-9928

https://www.suse.com/security/cve/CVE-2026-9929

https://www.suse.com/security/cve/CVE-2026-9930

https://www.suse.com/security/cve/CVE-2026-9931

https://www.suse.com/security/cve/CVE-2026-9932

https://www.suse.com/security/cve/CVE-2026-9933

https://www.suse.com/security/cve/CVE-2026-9934

https://www.suse.com/security/cve/CVE-2026-9935

https://www.suse.com/security/cve/CVE-2026-9936

https://www.suse.com/security/cve/CVE-2026-9937

https://www.suse.com/security/cve/CVE-2026-9938

https://www.suse.com/security/cve/CVE-2026-9939

https://www.suse.com/security/cve/CVE-2026-9940

https://www.suse.com/security/cve/CVE-2026-9941

https://www.suse.com/security/cve/CVE-2026-9942

https://www.suse.com/security/cve/CVE-2026-9943

https://www.suse.com/security/cve/CVE-2026-9944

https://www.suse.com/security/cve/CVE-2026-9945

https://www.suse.com/security/cve/CVE-2026-9946

https://www.suse.com/security/cve/CVE-2026-9947

https://www.suse.com/security/cve/CVE-2026-9948

https://www.suse.com/security/cve/CVE-2026-9949

https://www.suse.com/security/cve/CVE-2026-9950

https://www.suse.com/security/cve/CVE-2026-9951

https://www.suse.com/security/cve/CVE-2026-9952

https://www.suse.com/security/cve/CVE-2026-9953

https://www.suse.com/security/cve/CVE-2026-9954

https://www.suse.com/security/cve/CVE-2026-9955

https://www.suse.com/security/cve/CVE-2026-9956

https://www.suse.com/security/cve/CVE-2026-9957

https://www.suse.com/security/cve/CVE-2026-9958

https://www.suse.com/security/cve/CVE-2026-9959

https://www.suse.com/security/cve/CVE-2026-9960

https://www.suse.com/security/cve/CVE-2026-9961

https://www.suse.com/security/cve/CVE-2026-9962

https://www.suse.com/security/cve/CVE-2026-9963

https://www.suse.com/security/cve/CVE-2026-9964

https://www.suse.com/security/cve/CVE-2026-9965

https://www.suse.com/security/cve/CVE-2026-9966

https://www.suse.com/security/cve/CVE-2026-9967

https://www.suse.com/security/cve/CVE-2026-9968

https://www.suse.com/security/cve/CVE-2026-9969

https://www.suse.com/security/cve/CVE-2026-9970

https://www.suse.com/security/cve/CVE-2026-9971

https://www.suse.com/security/cve/CVE-2026-9972

https://www.suse.com/security/cve/CVE-2026-9973

https://www.suse.com/security/cve/CVE-2026-9974

https://www.suse.com/security/cve/CVE-2026-9975

https://www.suse.com/security/cve/CVE-2026-9976

https://www.suse.com/security/cve/CVE-2026-9977

https://www.suse.com/security/cve/CVE-2026-9978

https://www.suse.com/security/cve/CVE-2026-9979

https://www.suse.com/security/cve/CVE-2026-9980

https://www.suse.com/security/cve/CVE-2026-9981

https://www.suse.com/security/cve/CVE-2026-9982

https://www.suse.com/security/cve/CVE-2026-9983

https://www.suse.com/security/cve/CVE-2026-9984

https://www.suse.com/security/cve/CVE-2026-9985

https://www.suse.com/security/cve/CVE-2026-9986

https://www.suse.com/security/cve/CVE-2026-9987

https://www.suse.com/security/cve/CVE-2026-9988

https://www.suse.com/security/cve/CVE-2026-9989

https://www.suse.com/security/cve/CVE-2026-9990

https://www.suse.com/security/cve/CVE-2026-9991

https://www.suse.com/security/cve/CVE-2026-9992

https://www.suse.com/security/cve/CVE-2026-9993

https://www.suse.com/security/cve/CVE-2026-9994

https://www.suse.com/security/cve/CVE-2026-9995

https://www.suse.com/security/cve/CVE-2026-9996

https://www.suse.com/security/cve/CVE-2026-9997

https://www.suse.com/security/cve/CVE-2026-9998

https://www.suse.com/security/cve/CVE-2026-9999

https://www.suse.com/security/cve/CVE-2026-10001

https://www.suse.com/security/cve/CVE-2026-10002

https://www.suse.com/security/cve/CVE-2026-10003

https://www.suse.com/security/cve/CVE-2026-10004

https://www.suse.com/security/cve/CVE-2026-10005

https://www.suse.com/security/cve/CVE-2026-10006

https://www.suse.com/security/cve/CVE-2026-10007

https://www.suse.com/security/cve/CVE-2026-10008

https://www.suse.com/security/cve/CVE-2026-10009

https://www.suse.com/security/cve/CVE-2026-10010

https://www.suse.com/security/cve/CVE-2026-10011

https://www.suse.com/security/cve/CVE-2026-10012

https://www.suse.com/security/cve/CVE-2026-10013

https://www.suse.com/security/cve/CVE-2026-10014

https://www.suse.com/security/cve/CVE-2026-10015

https://www.suse.com/security/cve/CVE-2026-10016

https://www.suse.com/security/cve/CVE-2026-10017

https://www.suse.com/security/cve/CVE-2026-10018

https://www.suse.com/security/cve/CVE-2026-10019

https://www.suse.com/security/cve/CVE-2026-10020

https://www.suse.com/security/cve/CVE-2026-10021

https://www.suse.com/security/cve/CVE-2026-10022

https://www.suse.com/security/cve/CVE-2026-9872

https://www.suse.com/security/cve/CVE-2026-9873

https://www.suse.com/security/cve/CVE-2026-9874

https://www.suse.com/security/cve/CVE-2026-9875

https://www.suse.com/security/cve/CVE-2026-9876

https://www.suse.com/security/cve/CVE-2026-9877

https://www.suse.com/security/cve/CVE-2026-9878

https://www.suse.com/security/cve/CVE-2026-9879

https://www.suse.com/security/cve/CVE-2026-9880

Plugin Details

Severity: Critical

ID: 318249

File Name: openSUSE-2026-20849-1.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 6/2/2026

Updated: 6/2/2026

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2026-9940

CVSS v3

Risk Factor: Critical

Base Score: 9.6

Temporal Score: 8.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2026-9874

Vulnerability Information

CPE: cpe:/o:novell:opensuse:16.0, p-cpe:/a:novell:opensuse:chromedriver, p-cpe:/a:novell:opensuse:chromium

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 5/30/2026

Vulnerability Publication Date: 5/27/2026

Reference Information

CVE: CVE-2026-10000, CVE-2026-10001, CVE-2026-10002, CVE-2026-10003, CVE-2026-10004, CVE-2026-10005, CVE-2026-10006, CVE-2026-10007, CVE-2026-10008, CVE-2026-10009, CVE-2026-10010, CVE-2026-10011, CVE-2026-10012, CVE-2026-10013, CVE-2026-10014, CVE-2026-10015, CVE-2026-10016, CVE-2026-10017, CVE-2026-10018, CVE-2026-10019, CVE-2026-10020, CVE-2026-10021, CVE-2026-10022, CVE-2026-9872, CVE-2026-9873, CVE-2026-9874, CVE-2026-9875, CVE-2026-9876, CVE-2026-9877, CVE-2026-9878, CVE-2026-9879, CVE-2026-9880, CVE-2026-9881, CVE-2026-9882, CVE-2026-9883, CVE-2026-9884, CVE-2026-9885, CVE-2026-9886, CVE-2026-9887, CVE-2026-9888, CVE-2026-9889, CVE-2026-9890, CVE-2026-9891, CVE-2026-9892, CVE-2026-9893, CVE-2026-9894, CVE-2026-9895, CVE-2026-9896, CVE-2026-9897, CVE-2026-9898, CVE-2026-9899, CVE-2026-9900, CVE-2026-9901, CVE-2026-9902, CVE-2026-9903, CVE-2026-9904, CVE-2026-9905, CVE-2026-9906, CVE-2026-9907, CVE-2026-9908, CVE-2026-9909, CVE-2026-9910, CVE-2026-9911, CVE-2026-9912, CVE-2026-9913, CVE-2026-9914, CVE-2026-9915, CVE-2026-9916, CVE-2026-9917, CVE-2026-9918, CVE-2026-9919, CVE-2026-9920, CVE-2026-9921, CVE-2026-9922, CVE-2026-9923, CVE-2026-9924, CVE-2026-9925, CVE-2026-9926, CVE-2026-9927, CVE-2026-9928, CVE-2026-9929, CVE-2026-9930, CVE-2026-9931, CVE-2026-9932, CVE-2026-9933, CVE-2026-9934, CVE-2026-9935, CVE-2026-9936, CVE-2026-9937, CVE-2026-9938, CVE-2026-9939, CVE-2026-9940, CVE-2026-9941, CVE-2026-9942, CVE-2026-9943, CVE-2026-9944, CVE-2026-9945, CVE-2026-9946, CVE-2026-9947, CVE-2026-9948, CVE-2026-9949, CVE-2026-9950, CVE-2026-9951, CVE-2026-9952, CVE-2026-9953, CVE-2026-9954, CVE-2026-9955, CVE-2026-9956, CVE-2026-9957, CVE-2026-9958, CVE-2026-9959, CVE-2026-9960, CVE-2026-9961, CVE-2026-9962, CVE-2026-9963, CVE-2026-9964, CVE-2026-9965, CVE-2026-9966, CVE-2026-9967, CVE-2026-9968, CVE-2026-9969, CVE-2026-9970, CVE-2026-9971, CVE-2026-9972, CVE-2026-9973, CVE-2026-9974, CVE-2026-9975, CVE-2026-9976, CVE-2026-9977, CVE-2026-9978, CVE-2026-9979, CVE-2026-9980, CVE-2026-9981, CVE-2026-9982, CVE-2026-9983, CVE-2026-9984, CVE-2026-9985, CVE-2026-9986, CVE-2026-9987, CVE-2026-9988, CVE-2026-9989, CVE-2026-9990, CVE-2026-9991, CVE-2026-9992, CVE-2026-9993, CVE-2026-9994, CVE-2026-9995, CVE-2026-9996, CVE-2026-9997, CVE-2026-9998, CVE-2026-9999