Bug 912364 (CVE-2023-2312, CVE-2023-4349, CVE-2023-4350, CVE-2023-4351, CVE-2023-4352, CVE-2023-4353, CVE-2023-4354, CVE-2023-4355, CVE-2023-4356, CVE-2023-4357, CVE-2023-4358, CVE-2023-4359, CVE-2023-4360, CVE-2023-4361, CVE-2023-4362, CVE-2023-4363, CVE-2023-4364, CVE-2023-4365, CVE-2023-4366, CVE-2023-4367, CVE-2023-4368)

Summary:	<www-client/chromium-116.0.5845.96, <www-client/google-chrome-116.0.5845.96 <www-client/microsoft-edge-116.0.1938.54: Multiple vulnerabilities
Product:	Gentoo Security	Reporter:	Matt Jolly <kangie>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	normal	CC:	ajak, chromium, kangie
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:	A2 [glsa+]
Package list:		Runtime testing required:	---
Bug Depends on:	912366
Bug Blocks:

Description Matt Jolly gentoo-dev

2023-08-16 19:27:18 UTC

See: https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html

This update includes 26 security fixes

[$30000][1448548] High CVE-2023-2312: Use after free in Offline. Reported by avaue at S.S.L. on 2023-05-24

[$5000][1458303] High CVE-2023-4349: Use after free in Device Trust Connectors. Reported by Weipeng Jiang (@Krace) of VRI on 2023-06-27

[$3000][1454817] High CVE-2023-4350: Inappropriate implementation in Fullscreen. Reported by Khiem Tran (@duckhiem) on 2023-06-14

[$2000][1465833] High CVE-2023-4351: Use after free in Network. Reported by Guang and Weipeng Jiang of VRI on 2023-07-18

[$NA][1452076] High CVE-2023-4352: Type Confusion in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-06-07

[$NA][1458046] High CVE-2023-4353: Heap buffer overflow in ANGLE. Reported by Christoph Diehl / Microsoft Vulnerability Research on 2023-06-27

[$NA][1464215] High CVE-2023-4354: Heap buffer overflow in Skia. Reported by Mark Brand of Google Project Zero on 2023-07-12

[$NA][1468943] High CVE-2023-4355: Out of bounds memory access in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-07-31

[$5000][1449929] Medium CVE-2023-4356: Use after free in Audio. Reported by Zhenghang Xiao (@Kipreyyy) on 2023-05-30

[$3000][1458911] Medium CVE-2023-4357: Insufficient validation of untrusted input in XML. Reported by Igor Sak-Sakovskii on 2023-06-28

[$3000][1466415] Medium CVE-2023-4358: Use after free in DNS. Reported by Weipeng Jiang (@Krace) of VRI on 2023-07-20

[$2000][1443722] Medium CVE-2023-4359: Inappropriate implementation in App Launcher. Reported by @retsew0x01 on 2023-05-09

[$2000][1462723] Medium CVE-2023-4360: Inappropriate implementation in Color. Reported by Axel Chong on 2023-07-07

[$2000][1465230] Medium CVE-2023-4361: Inappropriate implementation in Autofill. Reported by Thomas Orlita on 2023-07-17

[$1000][1316379] Medium CVE-2023-4362: Heap buffer overflow in Mojom IDL. Reported by Zhao Hai of NanJing Cyberpeace TianYu Lab on 2022-04-14

[$1000][1367085] Medium CVE-2023-4363: Inappropriate implementation in WebShare. Reported by Alesandro Ortiz on 2022-09-23

[$1000][1406922] Medium CVE-2023-4364: Inappropriate implementation in Permission Prompts. Reported by Jasper Rebane on 2023-01-13

[$1000][1431043] Medium CVE-2023-4365: Inappropriate implementation in Fullscreen. Reported by Hafiizh on 2023-04-06

[$1000][1450784] Medium CVE-2023-4366: Use after free in Extensions. Reported by asnine on 2023-06-02

[$500][1467743] Medium CVE-2023-4367: Insufficient policy enforcement in Extensions API. Reported by Axel Chong on 2023-07-26

[$500][1467751] Medium CVE-2023-4368: Insufficient policy enforcement in Extensions API. Reported by Axel Chong on 2023-07-26

Reproducible: Always

Comment 1 Sam James archtester

2023-08-17 02:56:49 UTC

Please cleanup.

Comment 2 Larry the Git Cow gentoo-dev

2024-01-31 15:39:53 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=8064a0b694d29fb2fca491d65494098fb43c2ffa

commit 8064a0b694d29fb2fca491d65494098fb43c2ffa
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-01-31 15:39:13 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-01-31 15:39:35 +0000

    [ GLSA 202401-34 ] Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/907999
    Bug: https://bugs.gentoo.org/908471
    Bug: https://bugs.gentoo.org/909283
    Bug: https://bugs.gentoo.org/910522
    Bug: https://bugs.gentoo.org/911675
    Bug: https://bugs.gentoo.org/912364
    Bug: https://bugs.gentoo.org/913016
    Bug: https://bugs.gentoo.org/913710
    Bug: https://bugs.gentoo.org/914350
    Bug: https://bugs.gentoo.org/914871
    Bug: https://bugs.gentoo.org/915137
    Bug: https://bugs.gentoo.org/915560
    Bug: https://bugs.gentoo.org/915961
    Bug: https://bugs.gentoo.org/916252
    Bug: https://bugs.gentoo.org/916620
    Bug: https://bugs.gentoo.org/917021
    Bug: https://bugs.gentoo.org/917357
    Bug: https://bugs.gentoo.org/918882
    Bug: https://bugs.gentoo.org/919321
    Bug: https://bugs.gentoo.org/919802
    Bug: https://bugs.gentoo.org/920442
    Bug: https://bugs.gentoo.org/921337
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202401-34.xml | 229 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 229 insertions(+)