Test ID:	1.3.6.1.4.1.25623.1.0.854215
Category:	SuSE Local Security Checks
Title:	openSUSE: Security Advisory for chromium (openSUSE-SU-2021:1350-1)
Summary:	The remote host is missing an update for the 'chromium'; package(s) announced via the openSUSE-SU-2021:1350-1 advisory.
Description:	Summary: The remote host is missing an update for the 'chromium' package(s) announced via the openSUSE-SU-2021:1350-1 advisory. Vulnerability Insight: This update for chromium fixes the following issues: Chromium 94.0.4606.81 (boo#1191463): * CVE-2021-37977: Use after free in Garbage Collection * CVE-2021-37978: Heap buffer overflow in Blink * CVE-2021-37979: Heap buffer overflow in WebRTC * CVE-2021-37980: Inappropriate implementation in Sandbox Chromium 94.0.4606.54 (boo#1190765): * CVE-2021-37956: Use after free in Offline use * CVE-2021-37957: Use after free in WebGPU * CVE-2021-37958: Inappropriate implementation in Navigation * CVE-2021-37959: Use after free in Task Manager * CVE-2021-37960: Inappropriate implementation in Blink graphics * CVE-2021-37961: Use after free in Tab Strip * CVE-2021-37962: Use after free in Performance Manager * CVE-2021-37963: Side-channel information leakage in DevTools * CVE-2021-37964: Inappropriate implementation in ChromeOS Networking * CVE-2021-37965: Inappropriate implementation in Background Fetch API * CVE-2021-37966: Inappropriate implementation in Compositing * CVE-2021-37967: Inappropriate implementation in Background Fetch API * CVE-2021-37968: Inappropriate implementation in Background Fetch API * CVE-2021-37969: Inappropriate implementation in Google Updater * CVE-2021-37970: Use after free in File System API * CVE-2021-37971: Incorrect security UI in Web Browser UI * CVE-2021-37972: Out of bounds read in libjpeg-turbo Chromium 94.0.4606.61 (boo#1191166): * CVE-2021-37973: Use after free in Portals Chromium 94.0.4606.71 (boo#1191204): * CVE-2021-37974 : Use after free in Safe Browsing * CVE-2021-37975 : Use after free in V8 * CVE-2021-37976 : Information leak in core Affected Software/OS: 'chromium' package(s) on openSUSE Leap 15.2. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2021-37956 Debian Security Information: DSA-5046 (Google Search) https://www.debian.org/security/2022/dsa-5046 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/ https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_21.html https://crbug.com/1243117 Common Vulnerability Exposure (CVE) ID: CVE-2021-37957 https://crbug.com/1242269 Common Vulnerability Exposure (CVE) ID: CVE-2021-37958 https://crbug.com/1223290 Common Vulnerability Exposure (CVE) ID: CVE-2021-37959 https://crbug.com/1229625 Common Vulnerability Exposure (CVE) ID: CVE-2021-37960 Common Vulnerability Exposure (CVE) ID: CVE-2021-37961 https://crbug.com/1228557 Common Vulnerability Exposure (CVE) ID: CVE-2021-37962 https://crbug.com/1231933 Common Vulnerability Exposure (CVE) ID: CVE-2021-37963 https://crbug.com/1199865 Common Vulnerability Exposure (CVE) ID: CVE-2021-37964 https://crbug.com/1203612 Common Vulnerability Exposure (CVE) ID: CVE-2021-37965 https://crbug.com/1239709 Common Vulnerability Exposure (CVE) ID: CVE-2021-37966 https://crbug.com/1238944 Common Vulnerability Exposure (CVE) ID: CVE-2021-37967 https://crbug.com/1243622 Common Vulnerability Exposure (CVE) ID: CVE-2021-37968 https://crbug.com/1245053 Common Vulnerability Exposure (CVE) ID: CVE-2021-37969 https://crbug.com/1245879 Common Vulnerability Exposure (CVE) ID: CVE-2021-37970 https://crbug.com/1248030 Common Vulnerability Exposure (CVE) ID: CVE-2021-37971 https://crbug.com/1219354 Common Vulnerability Exposure (CVE) ID: CVE-2021-37972 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B7G7UQ57NOKHQBYIHNJAFKFVWOQ6ZNU6/ https://crbug.com/1234259 Common Vulnerability Exposure (CVE) ID: CVE-2021-37973 https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_24.html https://crbug.com/1251727 Common Vulnerability Exposure (CVE) ID: CVE-2021-37974 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D63JZ3ROXCUHP4CFWDHCPZNTGET7T34R/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNARCF5HEZK7GJXZRN5TQ45AQDCRM2WO/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRFXUDH46PFVE75VQVWY6PYY5DK3S2XT/ https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_30.html https://crbug.com/1245578 Common Vulnerability Exposure (CVE) ID: CVE-2021-37975 http://packetstormsecurity.com/files/172847/Chrome-V8-Logic-Bug-Use-After-Free.html https://crbug.com/1252918 Common Vulnerability Exposure (CVE) ID: CVE-2021-37976 https://crbug.com/1251787 Common Vulnerability Exposure (CVE) ID: CVE-2021-37977 https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop.html https://crbug.com/1252878 Common Vulnerability Exposure (CVE) ID: CVE-2021-37978 https://crbug.com/1236318 Common Vulnerability Exposure (CVE) ID: CVE-2021-37979 https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1372 https://crbug.com/1247260 Common Vulnerability Exposure (CVE) ID: CVE-2021-37980 https://crbug.com/1254631
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.