Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 868354 (CVE-2022-3038, CVE-2022-3039, CVE-2022-3040, CVE-2022-3041, CVE-2022-3042, CVE-2022-3043, CVE-2022-3044, CVE-2022-3045, CVE-2022-3046, CVE-2022-3047, CVE-2022-3048, CVE-2022-3049, CVE-2022-3050, CVE-2022-3051, CVE-2022-3052, CVE-2022-3053, CVE-2022-3054, CVE-2022-3055, CVE-2022-3056, CVE-2022-3057, CVE-2022-3058, CVE-2022-3071)

Summary: <www-client/chromium-105.0.5195.52 <www-client/chromium-bin-105.0.5195.125 <www-client/google-chrome-105.0.5195.52: Multiple vulnerabilities
Product: Gentoo Security Reporter: Sam James <sam>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Severity: normal CC: chromium
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: A2 [glsa+]
Package list:
Runtime testing required: ---
Bug Depends on: 868156, 868351    
Bug Blocks:    

Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-09-04 04:50:52 UTC

[$NA][1340253] Critical CVE-2022-3038: Use after free in Network Service. Reported by Sergei Glazunov of Google Project Zero on 2022-06-28

[$10000][1343348] High CVE-2022-3039: Use after free in WebSQL. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-07-11

[$9000][1341539] High CVE-2022-3040: Use after free in Layout. Reported by Anonymous on 2022-07-03

[$7500][1345947] High CVE-2022-3041: Use after free in WebSQL. Reported by Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute on 2022-07-20

[$5000][1338553] High CVE-2022-3042: Use after free in PhoneHub. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2022-06-22

[$3000][1336979] High CVE-2022-3043: Heap buffer overflow in Screen Capture. Reported by @ginggilBesel on 2022-06-16

[$NA][1051198] High CVE-2022-3044: Inappropriate implementation in Site Isolation. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research on 2020-02-12

[$TBD][1339648] High CVE-2022-3045: Insufficient validation of untrusted input in V8. Reported by Ben Noordhuis <> on 2022-06-26

[$TBD][1346245] High CVE-2022-3046: Use after free in Browser Tag. Reported by Rong Jian of VRI on 2022-07-21

[$3000][1333995] High CVE-2022-3071: Use after free in Tab Strip. Reported by @ginggilBesel on 2022-06-06

[$7000][1342586] Medium CVE-2022-3047: Insufficient policy enforcement in Extensions API. Reported by Maurice Dauer on 2022-07-07

[$5000][1303308] Medium CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen. Reported by Andr.Ess on 2022-03-06

[$3000][1316892] Medium CVE-2022-3049: Use after free in SplitScreen. Reported by @ginggilBesel on 2022-04-17

[$3000][1337132] Medium CVE-2022-3050: Heap buffer overflow in WebUI. Reported by Zhihua Yao of KunLun Lab on 2022-06-17

[$2000][1345245] Medium CVE-2022-3051: Heap buffer overflow in Exosphere. Reported by @ginggilBesel on 2022-07-18

[$2000][1346154] Medium CVE-2022-3052: Heap buffer overflow in Window Manager. Reported by Khalil Zhani on 2022-07-21

[$TBD][1267867] Medium CVE-2022-3053: Inappropriate implementation in Pointer Lock. Reported by Jesper van den Ende (Pelican Party Studios) on 2021-11-08

[$TBD][1290236] Medium CVE-2022-3054: Insufficient policy enforcement in DevTools. Reported by Kuilin Li on 2022-01-24

[$TBD][1351969] Medium CVE-2022-3055: Use after free in Passwords. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2022-08-11

[$3000][1329460] Low CVE-2022-3056: Insufficient policy enforcement in Content Security Policy. Reported by Anonymous on 2022-05-26

[$2000][1336904] Low CVE-2022-3057: Inappropriate implementation in iframe Sandbox. Reported by Gareth Heyes on 2022-06-16

[$1000][1337676] Low CVE-2022-3058: Use after free in Sign-In Flow. Reported by raven at KunLun lab on 2022-06-20
Comment 1 Larry the Git Cow gentoo-dev 2022-09-22 18:17:14 UTC
The bug has been referenced in the following commit(s):

commit b405ff8995606331c646596b7c7d7850fccead51
Author:     Stephan Hartmann <>
AuthorDate: 2022-09-22 18:17:04 +0000
Commit:     Stephan Hartmann <>
CommitDate: 2022-09-22 18:17:04 +0000

    www-client/chromium: drop 104.0.5112.101
    Signed-off-by: Stephan Hartmann <>

 www-client/chromium/Manifest                       |    2 -
 www-client/chromium/chromium-104.0.5112.101.ebuild | 1194 --------------------
 .../chromium-104-swiftshader-no-wayland.patch      |   52 -
 .../chromium/files/chromium-104-v8-neon.patch      |   72 --
 4 files changed, 1320 deletions(-)
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-09-26 13:48:29 UTC
GLSA request filed
Comment 3 Larry the Git Cow gentoo-dev 2022-09-29 14:48:32 UTC
The bug has been referenced in the following commit(s):

commit 31ae708a90dd2ca9e628226aec8c4362dffb1794
Author:     GLSAMaker <>
AuthorDate: 2022-09-29 14:24:25 +0000
Commit:     John Helmert III <>
CommitDate: 2022-09-29 14:48:01 +0000

    [ GLSA 202209-23 ] Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
    Signed-off-by: GLSAMaker <>
    Signed-off-by: John Helmert III <>

 glsa-202209-23.xml | 112 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 112 insertions(+)
Comment 4 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-09-29 14:53:25 UTC
GLSA released, all done!