Bug ID 1201216
Summary VUL-0: chromium: multiple security issues fixed in 103.0.5060.114
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.4
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee gmbr3@opensuse.org
Reporter gabriele.sonnu@suse.com
QA Contact security-team@suse.de
CC Andreas.Stieger@gmx.de
Found By ---
Blocker --- 

This update includes 4 security fixes. Below, we highlight fixes that were
contributed by external researchers. Please see the Chrome Security Page for
more information.

[$TBD][1341043] High CVE-2022-2294: Heap buffer overflow in WebRTC. Reported by
Jan Vojtesek from the Avast Threat Intelligence team on 2022-07-01

[$7500][1336869] High CVE-2022-2295: Type Confusion in V8. Reported by avaue
and Buff3tts at S.S.L. on 2022-06-16

[$3000][1327087] High CVE-2022-2296: Use after free in Chrome OS Shell.
Reported by Khalil Zhani on 2022-05-19

We would also like to thank all security researchers that worked with us during
the development cycle to prevent security bugs from ever reaching the stable
channel.

Google is aware that an exploit for CVE-2022-2294 exists in the wild.

As usual, our ongoing internal security work was responsible for a wide range
of fixes:

[1338205] Various fixes from internal audits, fuzzing and other initiatives

You are receiving this mail because: