what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Red Hat Security Advisory 2020-3377-01

Red Hat Security Advisory 2020-3377-01
Posted Aug 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3377-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 84.0.4147.105. Issues addressed include buffer overflow, bypass, information leakage, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-6510, CVE-2020-6511, CVE-2020-6512, CVE-2020-6513, CVE-2020-6514, CVE-2020-6515, CVE-2020-6516, CVE-2020-6517, CVE-2020-6518, CVE-2020-6519, CVE-2020-6520, CVE-2020-6521, CVE-2020-6522, CVE-2020-6523, CVE-2020-6524, CVE-2020-6525, CVE-2020-6526, CVE-2020-6527, CVE-2020-6528, CVE-2020-6529, CVE-2020-6530, CVE-2020-6531, CVE-2020-6532, CVE-2020-6533, CVE-2020-6534, CVE-2020-6535, CVE-2020-6536, CVE-2020-6537
SHA-256 | 7c97a1d44e03cbe6956658d288db0cd7a556ba1523e497884d0f0ebdfa34f117

Red Hat Security Advisory 2020-3377-01

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================
Red Hat Security Advisory

Synopsis: Critical: chromium-browser security update
Advisory ID: RHSA-2020:3377-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://access.redhat.com/errata/RHSA-2020:3377
Issue date: 2020-08-10
CVE Names: CVE-2020-6510 CVE-2020-6511 CVE-2020-6512
CVE-2020-6513 CVE-2020-6514 CVE-2020-6515
CVE-2020-6516 CVE-2020-6517 CVE-2020-6518
CVE-2020-6519 CVE-2020-6520 CVE-2020-6521
CVE-2020-6522 CVE-2020-6523 CVE-2020-6524
CVE-2020-6525 CVE-2020-6526 CVE-2020-6527
CVE-2020-6528 CVE-2020-6529 CVE-2020-6530
CVE-2020-6531 CVE-2020-6532 CVE-2020-6533
CVE-2020-6534 CVE-2020-6535 CVE-2020-6536
CVE-2020-6537 CVE-2020-6538 CVE-2020-6539
CVE-2020-6540 CVE-2020-6541
====================================================================
1. Summary:

An update for chromium-browser is now available for Red Hat Enterprise
Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, i686, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - i686, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, i686, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, i686, x86_64

3. Description:

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 84.0.4147.105.

Security Fix(es):

* chromium-browser: Heap buffer overflow in background fetch
(CVE-2020-6510)

* chromium-browser: Side-channel information leakage in content security
policy (CVE-2020-6511)

* chromium-browser: Type Confusion in V8 (CVE-2020-6512)

* chromium-browser: Heap buffer overflow in PDFium (CVE-2020-6513)

* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)

* chromium-browser: Use after free in tab strip (CVE-2020-6515)

* chromium-browser: Policy bypass in CORS (CVE-2020-6516)

* chromium-browser: Heap buffer overflow in history (CVE-2020-6517)

* chromium-browser: Use after free in SCTP (CVE-2020-6532)

* chromium-browser: Type Confusion in V8 (CVE-2020-6537)

* chromium-browser: Inappropriate implementation in WebView (CVE-2020-6538)

* chromium-browser: Use after free in CSS (CVE-2020-6539)

* chromium-browser: Heap buffer overflow in Skia (CVE-2020-6540)

* chromium-browser: Use after free in WebUSB (CVE-2020-6541)

* chromium-browser: Use after free in developer tools (CVE-2020-6518)

* chromium-browser: Policy bypass in CSP (CVE-2020-6519)

* chromium-browser: Heap buffer overflow in Skia (CVE-2020-6520)

* chromium-browser: Side-channel information leakage in autofill
(CVE-2020-6521)

* chromium-browser: Inappropriate implementation in external protocol
handlers (CVE-2020-6522)

* chromium-browser: Out of bounds write in Skia (CVE-2020-6523)

* chromium-browser: Heap buffer overflow in WebAudio (CVE-2020-6524)

* chromium-browser: Heap buffer overflow in Skia (CVE-2020-6525)

* chromium-browser: Inappropriate implementation in iframe sandbox
(CVE-2020-6526)

* chromium-browser: Insufficient policy enforcement in CSP (CVE-2020-6527)

* chromium-browser: Incorrect security UI in basic auth (CVE-2020-6528)

* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6529)

* chromium-browser: Out of bounds memory access in developer tools
(CVE-2020-6530)

* chromium-browser: Side-channel information leakage in scroll to text
(CVE-2020-6531)

* chromium-browser: Type Confusion in V8 (CVE-2020-6533)

* chromium-browser: Heap buffer overflow in WebRTC (CVE-2020-6534)

* chromium-browser: Insufficient data validation in WebUI (CVE-2020-6535)

* chromium-browser: Incorrect security UI in PWAs (CVE-2020-6536)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Chromium must be restarted for the changes to
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1857320 - CVE-2020-6511 chromium-browser: Side-channel information leakage in content security policy
1857321 - CVE-2020-6512 chromium-browser: Type Confusion in V8
1857322 - CVE-2020-6513 chromium-browser: Heap buffer overflow in PDFium
1857323 - CVE-2020-6515 chromium-browser: Use after free in tab strip
1857324 - CVE-2020-6516 chromium-browser: Policy bypass in CORS
1857325 - CVE-2020-6518 chromium-browser: Use after free in developer tools
1857326 - CVE-2020-6519 chromium-browser: Policy bypass in CSP
1857327 - CVE-2020-6520 chromium-browser: Heap buffer overflow in Skia
1857328 - CVE-2020-6521 chromium-browser: Side-channel information leakage in autofill
1857329 - CVE-2020-6523 chromium-browser: Out of bounds write in Skia
1857330 - CVE-2020-6524 chromium-browser: Heap buffer overflow in WebAudio
1857331 - CVE-2020-6525 chromium-browser: Heap buffer overflow in Skia
1857332 - CVE-2020-6526 chromium-browser: Inappropriate implementation in iframe sandbox
1857333 - CVE-2020-6527 chromium-browser: Insufficient policy enforcement in CSP
1857334 - CVE-2020-6528 chromium-browser: Incorrect security UI in basic auth
1857336 - CVE-2020-6529 chromium-browser: Inappropriate implementation in WebRTC
1857337 - CVE-2020-6530 chromium-browser: Out of bounds memory access in developer tools
1857338 - CVE-2020-6531 chromium-browser: Side-channel information leakage in scroll to text
1857339 - CVE-2020-6533 chromium-browser: Type Confusion in V8
1857340 - CVE-2020-6534 chromium-browser: Heap buffer overflow in WebRTC
1857341 - CVE-2020-6535 chromium-browser: Insufficient data validation in WebUI
1857342 - CVE-2020-6536 chromium-browser: Incorrect security UI in PWAs
1857349 - CVE-2020-6514 chromium-browser: Inappropriate implementation in WebRTC
1857351 - CVE-2020-6517 chromium-browser: Heap buffer overflow in history
1857352 - CVE-2020-6522 chromium-browser: Inappropriate implementation in external protocol handlers
1857400 - CVE-2020-6510 chromium-browser: Heap buffer overflow in background fetch
1861464 - CVE-2020-6537 chromium-browser: Type Confusion in V8
1861465 - CVE-2020-6538 chromium-browser: Inappropriate implementation in WebView
1861466 - CVE-2020-6532 chromium-browser: Use after free in SCTP
1861467 - CVE-2020-6539 chromium-browser: Use after free in CSS
1861468 - CVE-2020-6540 chromium-browser: Heap buffer overflow in Skia
1861469 - CVE-2020-6541 chromium-browser: Use after free in WebUSB

6. Package List:

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386:
chromium-browser-84.0.4147.105-2.el6_10.i686.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.i686.rpm

i686:
chromium-browser-84.0.4147.105-2.el6_10.i686.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.i686.rpm

x86_64:
chromium-browser-84.0.4147.105-2.el6_10.x86_64.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.x86_64.rpm

Red Hat Enterprise Linux HPC Node Supplementary (v. 6):

i686:
chromium-browser-84.0.4147.105-2.el6_10.i686.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.i686.rpm

x86_64:
chromium-browser-84.0.4147.105-2.el6_10.x86_64.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.x86_64.rpm

Red Hat Enterprise Linux Server Supplementary (v. 6):

i386:
chromium-browser-84.0.4147.105-2.el6_10.i686.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.i686.rpm

i686:
chromium-browser-84.0.4147.105-2.el6_10.i686.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.i686.rpm

x86_64:
chromium-browser-84.0.4147.105-2.el6_10.x86_64.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.x86_64.rpm

Red Hat Enterprise Linux Workstation Supplementary (v. 6):

i386:
chromium-browser-84.0.4147.105-2.el6_10.i686.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.i686.rpm

i686:
chromium-browser-84.0.4147.105-2.el6_10.i686.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.i686.rpm

x86_64:
chromium-browser-84.0.4147.105-2.el6_10.x86_64.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-6510
https://access.redhat.com/security/cve/CVE-2020-6511
https://access.redhat.com/security/cve/CVE-2020-6512
https://access.redhat.com/security/cve/CVE-2020-6513
https://access.redhat.com/security/cve/CVE-2020-6514
https://access.redhat.com/security/cve/CVE-2020-6515
https://access.redhat.com/security/cve/CVE-2020-6516
https://access.redhat.com/security/cve/CVE-2020-6517
https://access.redhat.com/security/cve/CVE-2020-6518
https://access.redhat.com/security/cve/CVE-2020-6519
https://access.redhat.com/security/cve/CVE-2020-6520
https://access.redhat.com/security/cve/CVE-2020-6521
https://access.redhat.com/security/cve/CVE-2020-6522
https://access.redhat.com/security/cve/CVE-2020-6523
https://access.redhat.com/security/cve/CVE-2020-6524
https://access.redhat.com/security/cve/CVE-2020-6525
https://access.redhat.com/security/cve/CVE-2020-6526
https://access.redhat.com/security/cve/CVE-2020-6527
https://access.redhat.com/security/cve/CVE-2020-6528
https://access.redhat.com/security/cve/CVE-2020-6529
https://access.redhat.com/security/cve/CVE-2020-6530
https://access.redhat.com/security/cve/CVE-2020-6531
https://access.redhat.com/security/cve/CVE-2020-6532
https://access.redhat.com/security/cve/CVE-2020-6533
https://access.redhat.com/security/cve/CVE-2020-6534
https://access.redhat.com/security/cve/CVE-2020-6535
https://access.redhat.com/security/cve/CVE-2020-6536
https://access.redhat.com/security/cve/CVE-2020-6537
https://access.redhat.com/security/cve/CVE-2020-6538
https://access.redhat.com/security/cve/CVE-2020-6539
https://access.redhat.com/security/cve/CVE-2020-6540
https://access.redhat.com/security/cve/CVE-2020-6541
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXzDrltzjgjWX9erEAQjq4A/9F+d6YmvVus3nDkp0gDfuzIt7/Vxs8Fu6
6iMLBHeBDyeiCzQ6s/uhRMfhOV8PpzR0fx60X4wJQAnS71c/XdHN6EhP6ZMPYyRe
nO3rCiFx9EWNeQfkTXD5ngeGvcTjWPkhcH/Gm4C/BJ0HUmP8/FAwVSxHQ/cVah6h
4xfBf9NTRrt944tc+f/gScpuAk2JZMhGoc489tTkNXJ06wOQXPxypJV9GYiLNxoP
9dTv9xvvmTT0Pkct9L7aJyI6XWY2gr1gxfmxlZ0xZumlaOVi1Ug7JafhoKM6sNyV
PSV7Ic4hJTKRtmdO9BWh4ja8fgKAsm7pYsiSMB2hc62qfjyXT3ANKBU6ZXfkaFeo
5Z2xCnaCl2rTN6gExxTC7md2gpPIikpF9uu+7PWhzZEKTgxVdsM+n8Yb2o9/W5j0
r/ggx7pt5dG06gDBUmN1Y2iny9opdFHdxcYkZWSa1K9JuRNL/uhuLIc5pVtZ2BEW
/lwW7HXD1thdsCSueOiDHibf6RtDN0mieRFjfTJHA/wqb6pjfPJ+jk26nzsIVTbv
7JMiJYqYGxNORebhJ/425weveVaiBva8G6puY8hiNqnoe8AHCl7REg4/IpqWH88a
eSXQHDCZGNIc2h9VRhobbZ6AD/yAu9dy711Eel/JhwOzGBZmUxNdv4O/ur4PT9FX
BJye0FQqWD8=MNeg
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close