New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 8.9
SynopsisThe remote openSUSE host is missing a security update.
DescriptionChromium was updated to 57.0.2987.98 to fix security issues and bugs.
The following vulnerabilities were fixed (bsc#1028848) :
- CVE-2017-5030: Memory corruption in V8
- CVE-2017-5031: Use after free in ANGLE
- CVE-2017-5032: Out of bounds write in PDFium
- CVE-2017-5029: Integer overflow in libxslt
- CVE-2017-5034: Use after free in PDFium
- CVE-2017-5035: Incorrect security UI in Omnibox
- CVE-2017-5036: Use after free in PDFium
- CVE-2017-5037: Multiple out of bounds writes in ChunkDemuxer
- CVE-2017-5039: Use after free in PDFium
- CVE-2017-5040: Information disclosure in V8
- CVE-2017-5041: Address spoofing in Omnibox
- CVE-2017-5033: Bypass of Content Security Policy in Blink
- CVE-2017-5042: Incorrect handling of cookies in Cast
- CVE-2017-5038: Use after free in GuestView
- CVE-2017-5043: Use after free in GuestView
- CVE-2017-5044: Heap overflow in Skia
- CVE-2017-5045: Information disclosure in XSS Auditor
- CVE-2017-5046: Information disclosure in Blink
The following non-security changes are included :
- Address broken rendering on non-intel cards
SolutionUpdate the affected Chromium packages.