https://bugzilla.suse.com/show_bug.cgi?id=1229591 Bug ID: 1229591 Summary: VUL-0: chromium: multiple vulnerabilities fixed in 128.0.6613.84 Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: Andreas.Stieger@gmx.de Reporter: Andreas.Stieger@gmx.de QA Contact: qa-bugs@suse.de CC: gmbr3@opensuse.org, ro@suse.com, security-team@suse.de Target Milestone: --- Found By: --- Blocker: --- From https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desk... CVE-2024-7964: Use after free in Passwords CVE-2024-7965: Inappropriate implementation in V8 CVE-2024-7966: Out of bounds memory access in Skia CVE-2024-7967: Heap buffer overflow in Fonts CVE-2024-7968: Use after free in Autofill CVE-2024-7969: Type Confusion in V8 CVE-2024-7971: Type confusion in V8 CVE-2024-7972: Inappropriate implementation in V8 CVE-2024-7973: Heap buffer overflow in PDFium CVE-2024-7974: Insufficient data validation in V8 API CVE-2024-7975: Inappropriate implementation in Permissions CVE-2024-7976: Inappropriate implementation in FedCM CVE-2024-7977: Insufficient data validation in Installer CVE-2024-7978: Insufficient policy enforcement in Data Transfer CVE-2024-7979: Insufficient data validation in Installer CVE-2024-7980: Insufficient data validation in Installer CVE-2024-7981: Inappropriate implementation in Views CVE-2024-8033: Inappropriate implementation in WebApp Installs CVE-2024-8034: Inappropriate implementation in Custom Tabs CVE-2024-8035: Inappropriate implementation in Extensions Various fixes from internal audits, fuzzing and other initiatives Google is aware that an exploit for CVE-2024-7971 exists in the wild. -- You are receiving this mail because: You are on the CC list for the bug.