
Bug 936611 (CVE-2024-6988, CVE-2024-6989, CVE-2024-6991, CVE-2024-6994, CVE-2024-6995, CVE-2024-6996, CVE-2024-6997, CVE-2024-6998, CVE-2024-6999, CVE-2024-7000, CVE-2024-7001, CVE-2024-7003, CVE-2024-7004, CVE-2024-7005)

Summary: <www-client/chromium-127.0.6533.72, <www-client/google-chrome-127.0.6533.72, <www-client/microsoft-edge-127.0.2651.74, www-client/opera: Multiple vulnerabilities
Product: Gentoo Security
Reporter: Matt Jolly <kangie>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: CONFIRMED ---
Severity: normal
CC: chromium, kangie
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
URL: https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on: 936630    
Bug Blocks:    

Description Matt Jolly gentoo-dev 2024-07-25 06:17:22 UTC
The Stable channel has been updated to 127.0.6533.72 for Linux.

Security Fixes and Rewards

This update includes 22 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$11000][349198731] High CVE-2024-6988: Use after free in Downloads. Reported by lime(@limeSec_) from TIANGONG Team of Legendsec at QI-ANXIN Group on 2024-06-25

[$8000][349342289] High CVE-2024-6989: Use after free in Loader. Reported by Anonymous on 2024-06-25

[TBD][346618785] High CVE-2024-6991: Use after free in Dawn. Reported by wgslfuzz on 2024-06-12

[$8000][339686368] Medium CVE-2024-6994: Heap buffer overflow in Layout. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2024-05-10

[$6000][343938078] Medium CVE-2024-6995: Inappropriate implementation in Fullscreen. Reported by Alesandro Ortiz on 2024-06-01

[$5000][333708039] Medium CVE-2024-6996: Race in Frames. Reported by Louis Jannett (Ruhr University Bochum) on 2024-04-10

[$3000][325293263] Medium CVE-2024-6997: Use after free in Tabs. Reported by Sven Dysthe (@svn-dys) on 2024-02-15

[$2000][340098902] Medium CVE-2024-6998: Use after free in User Education. Reported by Sven Dysthe (@svn-dys) on 2024-05-13

[$2000][340893685] Medium CVE-2024-6999: Inappropriate implementation in FedCM. Reported by Alesandro Ortiz on 2024-05-15

[$500][339877158] Medium CVE-2024-7000: Use after free in CSS. Reported by Anonymous on 2024-05-11

[TBD][347509736] Medium CVE-2024-7001: Inappropriate implementation in HTML. Reported by Jake Archibald on 2024-06-17

[$2000][338233148] Low CVE-2024-7003: Inappropriate implementation in FedCM. Reported by Alesandro Ortiz on 2024-05-01

[TBD][40063014] Low CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing. Reported by Anonymous on 2023-02-10

[TBD][40068800] Low CVE-2024-7005: Insufficient validation of untrusted input in Safe Browsing. Reported by Umar Farooq on 2023-08-04

Comment 1 Larry the Git Cow gentoo-dev 2024-07-25 12:57:29 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f9d4cf285d2218114c73c9a879d1ce3c6e67ca3e

commit f9d4cf285d2218114c73c9a879d1ce3c6e67ca3e
Author:     Matt Jolly <kangie@gentoo.org>
AuthorDate: 2024-07-25 08:33:42 +0000
Commit:     Matt Jolly <kangie@gentoo.org>
CommitDate: 2024-07-25 12:56:48 +0000

    www-client/chromium: add 127.0.6533.72
    
    Drop llvm-r1 eclass for llvm-utils and our "llvm-r1_pkg_config at home".
    
    Chromium is one of the few builds that won't benefit from the default
    eclass behaviour and we don't currently need to worry about linking
    with llvm libc++.
    
    We'll leave much of the machinery in place and instead take advantage
    of llvm-utils to do the checks ourselves and try to enforce our own
    dependencies / sanity checks on rust too.
    
    Bug: https://bugs.gentoo.org/936611
    Signed-off-by: Matt Jolly <kangie@gentoo.org>

 www-client/chromium/Manifest                      |    1 +
 www-client/chromium/chromium-127.0.6533.72.ebuild | 1427 +++++++++++++++++++++
 2 files changed, 1428 insertions(+)