953456 – <www-client/chromium-135.0.7049.84, <www-client/google-chrome-135.0.7049.84, <www-client/microsoft-edge-135.0.3179.73, <www-client/opera-120.0.5543.8: Use after free in Site Isolation

Bug 953456 - <www-client/chromium-135.0.7049.84, <www-client/google-chrome-135.0.7049.84, <www-client/microsoft-edge-135.0.3179.73, <www-client/opera-120.0.5543.8: Use after free in Site Isolation

Summary: <www-client/chromium-135.0.7049.84, <www-client/google-chrome-135.0.7049.84, ...

Status:	CONFIRMED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Gentoo Security

URL:	https://chromereleases.googleblog.com...
Whiteboard:
Keywords:

Depends on:	953457
Blocks:
	Show dependency tree

Reported:	2025-04-09 03:34 UTC by Matt Jolly
Modified:	2025-06-11 14:50 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Matt Jolly gentoo-dev

2025-04-09 03:34:09 UTC

The Stable channel has been updated to 135.0.7049.84 for Linux.

Security Fixes and Rewards

This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers.

[$4000][405140652] High CVE-2025-3066: Use after free in Site Isolation. Reported by Sven Dysthe (@svn-dys) on 2025-03-21

Comment 1 Matt Jolly gentoo-dev

2025-04-09 03:35:22 UTC

No alias as last week _also_ used CVE-2025-3066, but for a different component. Same researcher discovered it though; not sure what's going on.

Comment 2 Larry the Git Cow gentoo-dev

2025-04-09 03:45:00 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bd604d4b6e8b6c7cf3902432a191e6b6343ac257

commit bd604d4b6e8b6c7cf3902432a191e6b6343ac257
Author:     Matt Jolly <kangie@gentoo.org>
AuthorDate: 2025-04-09 03:36:45 +0000
Commit:     Matt Jolly <kangie@gentoo.org>
CommitDate: 2025-04-09 03:43:10 +0000

    www-client/google-chrome: automated update (135.0.7049.84)
    
    Bug: https://bugs.gentoo.org/953456
    Signed-off-by: Matt Jolly <kangie@gentoo.org>

 www-client/google-chrome/Manifest                                       | 2 +-
 ...e-chrome-135.0.7049.52.ebuild => google-chrome-135.0.7049.84.ebuild} | 0
 2 files changed, 1 insertion(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6e9b146d076dc9547d1337d59609dc2e3eb24330

commit 6e9b146d076dc9547d1337d59609dc2e3eb24330
Author:     Matt Jolly <kangie@gentoo.org>
AuthorDate: 2025-04-09 02:50:02 +0000
Commit:     Matt Jolly <kangie@gentoo.org>
CommitDate: 2025-04-09 03:43:10 +0000

    www-client/chromium: add 135.0.7049.84
    
    Bug: https://bugs.gentoo.org/953456
    Signed-off-by: Matt Jolly <kangie@gentoo.org>

 www-client/chromium/Manifest                      |    2 +
 www-client/chromium/chromium-135.0.7049.84.ebuild | 1539 +++++++++++++++++++++
 2 files changed, 1541 insertions(+)