Gentoo Linux Security Advisory 201811-10 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which allows remote attackers to execute arbitrary code. Versions less than 70.0.3538.67 are affected.
34e4453a5a067821b9371405bfb3acde3b985fc5d76924eb9eeef98b76a6647a
Chrome has missing validation in the deserialization routines for both DataPipeConsumerDispatcher and DataPipeProducerDispatcher, which take from the incoming message a read_offset/write_offset respectively into shared memory. Providing an offset outside the bounds of the allocated memory will then result in an out-of-bounds read/write when the pipe is used.
d1c10f2bf9feaa3822d838795ee22e210b6fbe031a801f2821a9365aceb1fd14
Red Hat Security Advisory 2018-2666-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 69.0.3497.81. Issues addressed include buffer overflow, bypass, and out of bounds write vulnerabilities.
715c4bf8fad5d331fd2f662402160ba5024ee90eade1e6a71edc4c46d5f3c21a
Debian Linux Security Advisory 4289-1 - Several vulnerabilities have been discovered in the chromium web browser.
bc10625317cddb4c96eb3870683bf7a63ec6583518b12fe9bd0ab22f3ab33119