Bug 883697 (CVE-2022-4174, CVE-2022-4175, CVE-2022-4176, CVE-2022-4177, CVE-2022-4178, CVE-2022-4179, CVE-2022-4180, CVE-2022-4181, CVE-2022-4182, CVE-2022-4183, CVE-2022-4184, CVE-2022-4185, CVE-2022-4186, CVE-2022-4187, CVE-2022-4188, CVE-2022-4189, CVE-2022-4190, CVE-2022-4191, CVE-2022-4192, CVE-2022-4193, CVE-2022-4194, CVE-2022-4195) - <www-client/chromium-108.0.5359.94 <www-client/chromium-bin-108.0.5359.124 <www-client/google-chrome-108.0.5359.94: multiple vulnerabilities
Summary: <www-client/chromium-108.0.5359.94 <www-client/chromium-bin-108.0.5359.124 <w...
Status: IN_PROGRESS
Alias: CVE-2022-4174, CVE-2022-4175, CVE-2022-4176, CVE-2022-4177, CVE-2022-4178, CVE-2022-4179, CVE-2022-4180, CVE-2022-4181, CVE-2022-4182, CVE-2022-4183, CVE-2022-4184, CVE-2022-4185, CVE-2022-4186, CVE-2022-4187, CVE-2022-4188, CVE-2022-4189, CVE-2022-4190, CVE-2022-4191, CVE-2022-4192, CVE-2022-4193, CVE-2022-4194, CVE-2022-4195
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal major
Assignee: Gentoo Security
URL: https://chromereleases.googleblog.com...
Whiteboard: A2 [glsa]
Keywords:
Depends on: 888181 884139
Blocks: CVE-2022-41115, CVE-2022-44688, CVE-2022-44708
Reported: 2022-11-30 02:25 UTC by John Helmert III
Modified: 2023-01-25 20:26 UTC

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-11-30 02:25:07 UTC
CVE-2022-4183:

Insufficient policy enforcement in Popup Blocker in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)

CVE-2022-4186:

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass Downloads restrictions via a crafted HTML page. (Chromium security severity: Medium)

CVE-2022-4191:

Use after free in Sign-In in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via profile destruction. (Chromium security severity: Medium)

CVE-2022-4185:

Inappropriate implementation in Navigation in Google Chrome on iOS prior to 108.0.5359.71 allowed a remote attacker to spoof the contents of the modal dialogue via a crafted HTML page. (Chromium security severity: Medium)

CVE-2022-4178:

Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2022-4189:

Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)

CVE-2022-4182:

Inappropriate implementation in Fenced Frames in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass fenced frame restrictions via a crafted HTML page. (Chromium security severity: Medium)

CVE-2022-4181:

Use after free in Forms in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2022-4190:

Insufficient data validation in Directory in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium)

CVE-2022-4175:

Use after free in Camera Capture in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2022-4184:

Insufficient policy enforcement in Autofill in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. (Chromium security severity: Medium)

CVE-2022-4174:

Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2022-4188:

Insufficient validation of untrusted input in CORS in Google Chrome on Android prior to 108.0.5359.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)

CVE-2022-4193:

Insufficient policy enforcement in File System API in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium)

CVE-2022-4176:

Out of bounds write in Lacros Graphics in Google Chrome on Chrome OS and Lacros prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. (Chromium security severity: High)

CVE-2022-4177:

Use after free in Extensions in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install an extension to potentially exploit heap corruption via a crafted Chrome Extension and UI interaction. (Chromium security severity: High)

CVE-2022-4187:

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Medium)

CVE-2022-4192:

Use after free in Live Caption in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. (Chromium security severity: Medium)

CVE-2022-4195:

Insufficient policy enforcement in Safe Browsing in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass Safe Browsing warnings via a malicious file. (Chromium security severity: Medium)

CVE-2022-4180:

Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)

CVE-2022-4179:

Use after free in Audio in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)

CVE-2022-4194:

Use after free in Accessibility in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Please bump to 108.0.5359.71.
Comment 1 Larry the Git Cow gentoo-dev 2022-12-03 10:51:56 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7d3995302b7aee2bfcfed1ed4ecc5a61775d61ec

commit 7d3995302b7aee2bfcfed1ed4ecc5a61775d61ec
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-12-03 10:50:46 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-12-03 10:51:28 +0000

    www-client/chromium: add 108.0.5359.94
    
    Bug: https://bugs.gentoo.org/883697
    Signed-off-by: Sam James <sam@gentoo.org>

 www-client/chromium/Manifest                      |    1 +
 www-client/chromium/chromium-108.0.5359.94.ebuild | 1228 +++++++++++++++++++++
 2 files changed, 1229 insertions(+)
Comment 2 Larry the Git Cow gentoo-dev 2022-12-03 10:56:27 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1ea0242b412edcfbbcc90265744b6944825dad2c

commit 1ea0242b412edcfbbcc90265744b6944825dad2c
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-12-03 10:56:02 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-12-03 10:56:02 +0000

    profiles: promote Chromium 108 to stable; change dev mask to general 0/dev
    
    Bug: https://bugs.gentoo.org/883697
    Signed-off-by: Sam James <sam@gentoo.org>

 profiles/package.mask | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
Comment 3 Larry the Git Cow gentoo-dev 2022-12-15 12:02:24 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5f9bec6eb19aa994b97f82a55b01dcc31e2ea35a

commit 5f9bec6eb19aa994b97f82a55b01dcc31e2ea35a
Author:     Stephan Hartmann <sultan@gentoo.org>
AuthorDate: 2022-12-15 12:02:12 +0000
Commit:     Stephan Hartmann <sultan@gentoo.org>
CommitDate: 2022-12-15 12:02:12 +0000

    www-client/chromium: drop 107.0.5304.121
    
    Bug: https://bugs.gentoo.org/883697
    Signed-off-by: Stephan Hartmann <sultan@gentoo.org>

 www-client/chromium/Manifest                       |    3 -
 www-client/chromium/chromium-107.0.5304.121.ebuild | 1227 --------------------
 2 files changed, 1230 deletions(-)
Comment 4 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-01-25 20:26:30 UTC
GLSA request filed