Security update for chromium SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2021:1392-1 Final 1 1 2021-10-26T09:59:35Z current 2021-10-26T09:59:35Z 2021-10-26T09:59:35Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for chromium This update for chromium fixes the following issues: Chromium 95.0.4638.54 (boo#1191844): * CVE-2021-37981: Heap buffer overflow in Skia * CVE-2021-37982: Use after free in Incognito * CVE-2021-37983: Use after free in Dev Tools * CVE-2021-37984: Heap buffer overflow in PDFium * CVE-2021-37985: Use after free in V8 * CVE-2021-37986: Heap buffer overflow in Settings * CVE-2021-37987: Use after free in Network APIs * CVE-2021-37988: Use after free in Profiles * CVE-2021-37989: Inappropriate implementation in Blink * CVE-2021-37990: Inappropriate implementation in WebView * CVE-2021-37991: Race in V8 * CVE-2021-37992: Out of bounds read in WebAudio * CVE-2021-37993: Use after free in PDF Accessibility * CVE-2021-37996: Insufficient validation of untrusted input in Downloads * CVE-2021-37994: Inappropriate implementation in iFrame Sandbox * CVE-2021-37995: Inappropriate implementation in WebApp Installer The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2021-1392 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PA4QP5O5NS7MLCPJRQA74564MFVWF24/ E-Mail link for openSUSE-SU-2021:1392-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1191844 SUSE Bug 1191844 https://www.suse.com/security/cve/CVE-2021-37981/ SUSE CVE CVE-2021-37981 page https://www.suse.com/security/cve/CVE-2021-37982/ SUSE CVE CVE-2021-37982 page https://www.suse.com/security/cve/CVE-2021-37983/ SUSE CVE CVE-2021-37983 page https://www.suse.com/security/cve/CVE-2021-37984/ SUSE CVE CVE-2021-37984 page https://www.suse.com/security/cve/CVE-2021-37985/ SUSE CVE CVE-2021-37985 page https://www.suse.com/security/cve/CVE-2021-37986/ SUSE CVE CVE-2021-37986 page https://www.suse.com/security/cve/CVE-2021-37987/ SUSE CVE CVE-2021-37987 page https://www.suse.com/security/cve/CVE-2021-37988/ SUSE CVE CVE-2021-37988 page https://www.suse.com/security/cve/CVE-2021-37989/ SUSE CVE CVE-2021-37989 page https://www.suse.com/security/cve/CVE-2021-37990/ SUSE CVE CVE-2021-37990 page https://www.suse.com/security/cve/CVE-2021-37991/ SUSE CVE CVE-2021-37991 page https://www.suse.com/security/cve/CVE-2021-37992/ SUSE CVE CVE-2021-37992 page https://www.suse.com/security/cve/CVE-2021-37993/ SUSE CVE CVE-2021-37993 page https://www.suse.com/security/cve/CVE-2021-37994/ SUSE CVE CVE-2021-37994 page https://www.suse.com/security/cve/CVE-2021-37995/ SUSE CVE CVE-2021-37995 page https://www.suse.com/security/cve/CVE-2021-37996/ SUSE CVE CVE-2021-37996 page SUSE Package Hub 15 SP3 openSUSE Leap 15.3 chromedriver-95.0.4638.54-bp153.2.37.1 chromium-95.0.4638.54-bp153.2.37.1 chromedriver-95.0.4638.54-bp153.2.37.1 as a component of SUSE Package Hub 15 SP3 chromium-95.0.4638.54-bp153.2.37.1 as a component of SUSE Package Hub 15 SP3 chromedriver-95.0.4638.54-bp153.2.37.1 as a component of openSUSE Leap 15.3 chromium-95.0.4638.54-bp153.2.37.1 as a component of openSUSE Leap 15.3 Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-37981 SUSE Package Hub 15 SP3:chromedriver-95.0.4638.54-bp153.2.37.1 SUSE Package Hub 15 SP3:chromium-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromedriver-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromium-95.0.4638.54-bp153.2.37.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PA4QP5O5NS7MLCPJRQA74564MFVWF24/ https://www.suse.com/security/cve/CVE-2021-37981.html CVE-2021-37981 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37982 SUSE Package Hub 15 SP3:chromedriver-95.0.4638.54-bp153.2.37.1 SUSE Package Hub 15 SP3:chromium-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromedriver-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromium-95.0.4638.54-bp153.2.37.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PA4QP5O5NS7MLCPJRQA74564MFVWF24/ https://www.suse.com/security/cve/CVE-2021-37982.html CVE-2021-37982 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37983 SUSE Package Hub 15 SP3:chromedriver-95.0.4638.54-bp153.2.37.1 SUSE Package Hub 15 SP3:chromium-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromedriver-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromium-95.0.4638.54-bp153.2.37.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PA4QP5O5NS7MLCPJRQA74564MFVWF24/ https://www.suse.com/security/cve/CVE-2021-37983.html CVE-2021-37983 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37984 SUSE Package Hub 15 SP3:chromedriver-95.0.4638.54-bp153.2.37.1 SUSE Package Hub 15 SP3:chromium-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromedriver-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromium-95.0.4638.54-bp153.2.37.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PA4QP5O5NS7MLCPJRQA74564MFVWF24/ https://www.suse.com/security/cve/CVE-2021-37984.html CVE-2021-37984 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37985 SUSE Package Hub 15 SP3:chromedriver-95.0.4638.54-bp153.2.37.1 SUSE Package Hub 15 SP3:chromium-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromedriver-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromium-95.0.4638.54-bp153.2.37.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PA4QP5O5NS7MLCPJRQA74564MFVWF24/ https://www.suse.com/security/cve/CVE-2021-37985.html CVE-2021-37985 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37986 SUSE Package Hub 15 SP3:chromedriver-95.0.4638.54-bp153.2.37.1 SUSE Package Hub 15 SP3:chromium-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromedriver-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromium-95.0.4638.54-bp153.2.37.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PA4QP5O5NS7MLCPJRQA74564MFVWF24/ https://www.suse.com/security/cve/CVE-2021-37986.html CVE-2021-37986 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37987 SUSE Package Hub 15 SP3:chromedriver-95.0.4638.54-bp153.2.37.1 SUSE Package Hub 15 SP3:chromium-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromedriver-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromium-95.0.4638.54-bp153.2.37.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PA4QP5O5NS7MLCPJRQA74564MFVWF24/ https://www.suse.com/security/cve/CVE-2021-37987.html CVE-2021-37987 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37988 SUSE Package Hub 15 SP3:chromedriver-95.0.4638.54-bp153.2.37.1 SUSE Package Hub 15 SP3:chromium-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromedriver-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromium-95.0.4638.54-bp153.2.37.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PA4QP5O5NS7MLCPJRQA74564MFVWF24/ https://www.suse.com/security/cve/CVE-2021-37988.html CVE-2021-37988 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via a crafted HTML page. CVE-2021-37989 SUSE Package Hub 15 SP3:chromedriver-95.0.4638.54-bp153.2.37.1 SUSE Package Hub 15 SP3:chromium-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromedriver-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromium-95.0.4638.54-bp153.2.37.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PA4QP5O5NS7MLCPJRQA74564MFVWF24/ https://www.suse.com/security/cve/CVE-2021-37989.html CVE-2021-37989 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote attacker to leak cross-origin data via a crafted app. CVE-2021-37990 SUSE Package Hub 15 SP3:chromedriver-95.0.4638.54-bp153.2.37.1 SUSE Package Hub 15 SP3:chromium-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromedriver-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromium-95.0.4638.54-bp153.2.37.1 important 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PA4QP5O5NS7MLCPJRQA74564MFVWF24/ https://www.suse.com/security/cve/CVE-2021-37990.html CVE-2021-37990 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37991 SUSE Package Hub 15 SP3:chromedriver-95.0.4638.54-bp153.2.37.1 SUSE Package Hub 15 SP3:chromium-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromedriver-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromium-95.0.4638.54-bp153.2.37.1 important 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PA4QP5O5NS7MLCPJRQA74564MFVWF24/ https://www.suse.com/security/cve/CVE-2021-37991.html CVE-2021-37991 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37992 SUSE Package Hub 15 SP3:chromedriver-95.0.4638.54-bp153.2.37.1 SUSE Package Hub 15 SP3:chromium-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromedriver-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromium-95.0.4638.54-bp153.2.37.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PA4QP5O5NS7MLCPJRQA74564MFVWF24/ https://www.suse.com/security/cve/CVE-2021-37992.html CVE-2021-37992 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37993 SUSE Package Hub 15 SP3:chromedriver-95.0.4638.54-bp153.2.37.1 SUSE Package Hub 15 SP3:chromium-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromedriver-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromium-95.0.4638.54-bp153.2.37.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PA4QP5O5NS7MLCPJRQA74564MFVWF24/ https://www.suse.com/security/cve/CVE-2021-37993.html CVE-2021-37993 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2021-37994 SUSE Package Hub 15 SP3:chromedriver-95.0.4638.54-bp153.2.37.1 SUSE Package Hub 15 SP3:chromium-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromedriver-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromium-95.0.4638.54-bp153.2.37.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PA4QP5O5NS7MLCPJRQA74564MFVWF24/ https://www.suse.com/security/cve/CVE-2021-37994.html CVE-2021-37994 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2021-37995 SUSE Package Hub 15 SP3:chromedriver-95.0.4638.54-bp153.2.37.1 SUSE Package Hub 15 SP3:chromium-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromedriver-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromium-95.0.4638.54-bp153.2.37.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PA4QP5O5NS7MLCPJRQA74564MFVWF24/ https://www.suse.com/security/cve/CVE-2021-37995.html CVE-2021-37995 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a malicious file. CVE-2021-37996 SUSE Package Hub 15 SP3:chromedriver-95.0.4638.54-bp153.2.37.1 SUSE Package Hub 15 SP3:chromium-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromedriver-95.0.4638.54-bp153.2.37.1 openSUSE Leap 15.3:chromium-95.0.4638.54-bp153.2.37.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PA4QP5O5NS7MLCPJRQA74564MFVWF24/ https://www.suse.com/security/cve/CVE-2021-37996.html CVE-2021-37996 https://bugzilla.suse.com/1191844 SUSE Bug 1191844