Bug ID | 1201216 |
---|---|
Summary | VUL-0: chromium: multiple security issues fixed in 103.0.5060.114 |
Classification | openSUSE |
Product | openSUSE Distribution |
Version | Leap 15.4 |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Security |
Assignee | gmbr3@opensuse.org |
Reporter | gabriele.sonnu@suse.com |
QA Contact | security-team@suse.de |
CC | Andreas.Stieger@gmx.de |
Found By | --- |
Blocker | --- |
This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$TBD][1341043] High CVE-2022-2294: Heap buffer overflow in WebRTC. Reported by Jan Vojtesek from the Avast Threat Intelligence team on 2022-07-01 [$7500][1336869] High CVE-2022-2295: Type Confusion in V8. Reported by avaue and Buff3tts at S.S.L. on 2022-06-16 [$3000][1327087] High CVE-2022-2296: Use after free in Chrome OS Shell. Reported by Khalil Zhani on 2022-05-19 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. Google is aware that an exploit for CVE-2022-2294 exists in the wild. As usual, our ongoing internal security work was responsible for a wide range of fixes: [1338205] Various fixes from internal audits, fuzzing and other initiatives