Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 836011 (CVE-2022-1096) - <www-client/chromium-99.0.4844.84 <www-client/google-chrome-99.0.4844.84 <www-client/microsoft-edge-99.0.1150.55: Type Confusion in V8
Summary: <www-client/chromium-99.0.4844.84 <www-client/google-chrome-99.0.4844.84 <www...
Status: RESOLVED FIXED
Alias: CVE-2022-1096
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL: https://chromereleases.googleblog.com...
Whiteboard: A2 [glsa+]
Keywords:
Depends on: 836159 836830
Blocks:
  Show dependency tree
 
Reported: 2022-03-25 19:42 UTC by Stephan Hartmann (RETIRED)
Modified: 2022-08-14 14:39 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Stephan Hartmann (RETIRED) gentoo-dev 2022-03-25 19:42:55 UTC
[1309225] High CVE-2022-1096: Type Confusion in V8. Reported by anonymous on 2022-03-23

Google is aware that an exploit for CVE-2022-1096 exists in the wild.
Comment 1 Larry the Git Cow gentoo-dev 2022-03-26 09:36:19 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3e81f0d045c8bdf416e749285b58782b1d91573f

commit 3e81f0d045c8bdf416e749285b58782b1d91573f
Author:     Stephan Hartmann <sultan@gentoo.org>
AuthorDate: 2022-03-26 09:35:39 +0000
Commit:     Stephan Hartmann <sultan@gentoo.org>
CommitDate: 2022-03-26 09:35:39 +0000

    www-client/chromium: stable channel bump to 99.0.4844.84
    
    Bug: https://bugs.gentoo.org/836011
    Signed-off-by: Stephan Hartmann <sultan@gentoo.org>

 www-client/chromium/Manifest                     |    1 +
 www-client/chromium/chromium-99.0.4844.84.ebuild | 1013 ++++++++++++++++++++++
 2 files changed, 1014 insertions(+)
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-08-14 04:58:49 UTC
GLSA request filed
Comment 3 Larry the Git Cow gentoo-dev 2022-08-14 14:34:30 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=3212eacb7aa1bccb5bf765cd0a4fb91d206ad2c5

commit 3212eacb7aa1bccb5bf765cd0a4fb91d206ad2c5
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-08-14 14:29:30 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-08-14 14:33:57 +0000

    [ GLSA 202208-25 ] Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/773040
    Bug: https://bugs.gentoo.org/787950
    Bug: https://bugs.gentoo.org/800181
    Bug: https://bugs.gentoo.org/810781
    Bug: https://bugs.gentoo.org/815397
    Bug: https://bugs.gentoo.org/828519
    Bug: https://bugs.gentoo.org/829161
    Bug: https://bugs.gentoo.org/834477
    Bug: https://bugs.gentoo.org/835397
    Bug: https://bugs.gentoo.org/835761
    Bug: https://bugs.gentoo.org/836011
    Bug: https://bugs.gentoo.org/836381
    Bug: https://bugs.gentoo.org/836777
    Bug: https://bugs.gentoo.org/836830
    Bug: https://bugs.gentoo.org/837497
    Bug: https://bugs.gentoo.org/838049
    Bug: https://bugs.gentoo.org/838433
    Bug: https://bugs.gentoo.org/838682
    Bug: https://bugs.gentoo.org/841371
    Bug: https://bugs.gentoo.org/843035
    Bug: https://bugs.gentoo.org/843728
    Bug: https://bugs.gentoo.org/847370
    Bug: https://bugs.gentoo.org/847613
    Bug: https://bugs.gentoo.org/848864
    Bug: https://bugs.gentoo.org/851003
    Bug: https://bugs.gentoo.org/851009
    Bug: https://bugs.gentoo.org/853229
    Bug: https://bugs.gentoo.org/853643
    Bug: https://bugs.gentoo.org/854372
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Sam James <sam@gentoo.org>

 glsa-202208-25.xml | 284 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 284 insertions(+)
Comment 4 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-08-14 14:37:39 UTC
GLSA done, all done.