Lucene search
SuseOPENSUSE-SU-2021:1462-1HistoryNov 08, 2021 - 12:00 a.m.
Security update for chromium (important)
2021-11-0800:00:00
lists.opensuse.org
32
0.021 Low
EPSS
Percentile
89.1%
An update that fixes 7 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Chromium 95.0.4638.69 (boo#1192184):
- CVE-2021-37997: Use after free in Sign-In
- CVE-2021-37998: Use after free in Garbage Collection
- CVE-2021-37999: Insufficient data validation in New Tab Page
- CVE-2021-38000: Insufficient validation of untrusted input in Intents
- CVE-2021-38001: Type Confusion in V8
- CVE-2021-38002: Use after free in Web Transport
- CVE-2021-38003: Inappropriate implementation in V8
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or βzypper patchβ.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-1462=1
-
openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2021-1462=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.2 | x86_64 | <Β - openSUSE Leap 15.2 (x86_64): | - openSUSE Leap 15.2 (x86_64):.x86_64.rpm | |
| openSUSE Backports SLE | 15-SP3 | aarch64 | - opensuse backports sle | <Β 15-SP3 (aarch64 x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 x86_64):.aarch64.rpm |
| openSUSE Backports SLE | 15-SP3 | x86_64 | - opensuse backports sle | <Β 15-SP3 (aarch64 x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 x86_64):.x86_64.rpm |
Related
nessus
nessus
Microsoft Edge (Chromium) < 95.0.1020.40 Multiple Vulnerabilities
2021-10-29 00:00:00
openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1462-1)
2021-11-09 00:00:00
openvas
openvas
freebsd
freebsd
chromium -- multiple vulnerabilities
2021-10-28 00:00:00
kaspersky
kaspersky
KLA12333 Multiple vulnerabilities in Microsoft Browser
2021-10-29 00:00:00
KLA12332 Multiple vulnerabilities in Google Chrome
2021-10-28 00:00:00
KLA12353 Multiple vulnerabilities in Opera
2021-11-17 00:00:00
archlinux
archlinux
[ASA-202110-7] chromium: multiple issues
2021-10-29 00:00:00
[ASA-202111-8] opera: multiple issues
2021-11-18 00:00:00
[ASA-202112-1] vivaldi: multiple issues
2021-12-03 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2021-10-28 00:00:00
hivepro
hivepro
For the third month in a row, itβs time to update Google Chrome
2021-10-31 10:11:09
debiancve
debiancve
nvd
nvd
mscve
mscve
Chromium: CVE-2021-37998 Use after free in Garbage Collection
2021-10-29 16:52:00
Chromium: CVE-2021-38002 Use after free in Web Transport
2021-10-29 16:52:36
Chromium: CVE-2021-37997 Use after free in Sign-In
2021-10-29 16:51:50
cvelist
cvelist
ubuntucve
ubuntucve
alpinelinux
alpinelinux
CVE-2021-38001
2021-11-23 22:15:07
CVE-2021-38003
2021-11-23 22:15:07
veracode
veracode
Denial Of Service (DoS)
2021-11-09 15:12:55
Privilege Escalation
2021-11-09 15:15:20
Remote Code Execution (RCE)
2021-11-09 15:16:24
thn
thn
Cytrox's Predator Spyware Targeted Android Users with Zero-Day Exploits
2022-05-20 10:58:00
cnvd
cnvd
Google Chrome New Tabs Data Validation Insufficient Vulnerability
2021-10-29 00:00:00
Google Chrome Post-release Reuse Vulnerability (CNVD-2021-99261)
2021-10-29 00:00:00
Google Chrome Post-release Reuse Vulnerability (CNVD-2021-99264)
2021-10-29 00:00:00
prion
prion
Design/Logic Flaw
2021-11-23 22:15:00
Double free
2021-11-23 22:15:00
Input validation
2021-11-23 22:15:00
cve
cve
attackerkb
attackerkb
CVE-2021-38003
2021-11-23 00:00:00
CVE-2021-38000
2021-11-23 00:00:00
redhatcve
redhatcve
CVE-2021-38000
2022-05-20 23:15:54
vulnrichment
vulnrichment
CVE-2021-38000
2021-11-23 21:30:26
talosblog
talosblog
Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware
2023-05-25 12:02:19
githubexploit
githubexploit
Exploit for Type Confusion in Google Chrome
2021-11-05 02:58:15
Exploit for Type Confusion in Google Chrome
2021-11-05 03:18:46
Exploit for Type Confusion in Google Chrome
2023-05-08 14:43:03
malwarebytes
malwarebytes
cisa_kev
cisa_kev
Google Chromium V8 Memory Corruption Vulnerability
2021-11-03 00:00:00
Google Chromium Intents Improper Input Validation Vulnerability
2021-11-03 00:00:00
suse
suse
Security update for nodejs-electron (important)
2022-03-03 00:00:00
Security update for opera (important)
2022-02-21 00:00:00
Security update for opera (important)
2022-04-08 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: chromium-96.0.4664.110-3.fc34
2022-01-07 01:12:20
[SECURITY] Fedora 35 Update: chromium-96.0.4664.110-3.fc35
2022-01-29 06:39:34
[SECURITY] Fedora 35 Update: qt5-qtwebengine-5.15.8-2.fc35
2022-01-30 01:44:13
threatpost
threatpost
Chrome Zero-Day Under Active Attack: Patch ASAP
2022-02-15 18:33:28
Google Chrome Bug Actively Exploited as Zero-Day
2022-03-30 16:14:30
github
github
The Chromium super (inline cache) type confusion
2022-06-29 18:39:46
debian
debian
[SECURITY] [DSA 5046-1] chromium security update
2022-01-14 19:31:45
osv
osv
chromium - security update
2022-01-14 00:00:00
gentoo
gentoo
Chromium, Google Chrome: Multiple vulnerabilities
2022-01-31 00:00:00
mageia
mageia
Updated qtwebengine5 packages fix security vulnerability
2022-02-05 23:23:13
googleprojectzero
googleprojectzero
The More You Know, The More You Know You Donβt Know
2022-04-19 00:00:00
qualysblog
qualysblog
Qualys Response to CISA Alert: Binding Operational Directive 22-01
2021-11-09 06:15:01
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00