Summary: | <www-client/chromium-22.0.1229.94 SVG use-after-free and IPC arbitrary file write (CVE-2012-{5112,5376}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Mike Gilbert <floppym> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | ago, chromium |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://googlechromereleases.blogspot.com/2012/10/stable-channel-update_6105.html | ||
Whiteboard: | A2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Mike Gilbert
2012-10-11 14:30:35 UTC
Please stabilize. =www-client/chromium-22.0.1229.94 amd64 stable x86 done, please proceed with the glsa. (In reply to comment #3) > x86 done, please proceed with the glsa. Thanks, GLSA draft updated and *ping* security, the draft is sitting there since Sep 6th. CVE-2012-5376 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5376): The Inter-process Communication (IPC) implementation in Google Chrome before 22.0.1229.94 allows remote attackers to bypass intended sandbox restrictions and write to arbitrary files by leveraging access to a renderer process, a different vulnerability than CVE-2012-5112. CVE-2012-5112 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5112): Use-after-free vulnerability in the SVG implementation in WebKit, as used in Google Chrome before 22.0.1229.94, allows remote attackers to execute arbitrary code via unspecified vectors. This issue was resolved and addressed in GLSA 201210-07 at http://security.gentoo.org/glsa/glsa-201210-07.xml by GLSA coordinator Sean Amoss (ackle). |