Bug 789420 (CVE-2021-30506, CVE-2021-30507, CVE-2021-30508, CVE-2021-30509, CVE-2021-30510, CVE-2021-30511, CVE-2021-30512, CVE-2021-30513, CVE-2021-30514, CVE-2021-30515, CVE-2021-30516, CVE-2021-30517, CVE-2021-30518, CVE-2021-30519, CVE-2021-30520) - <www-client/chromium-90.0.4430.212 <www-client/google-chrome-90.0.4430.212: Multiple vulnerabilities (CVE-2021-{30506,30507,30508,30509,30510,30511,30512,30513,30514,30515,30516,30517,30518,30519,30520})
Status: RESOLVED FIXED
Alias: CVE-2021-30506, CVE-2021-30507, CVE-2021-30508, CVE-2021-30509, CVE-2021-30510, CVE-2021-30511, CVE-2021-30512, CVE-2021-30513, CVE-2021-30514, CVE-2021-30515, CVE-2021-30516, CVE-2021-30517, CVE-2021-30518, CVE-2021-30519, CVE-2021-30520
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal major
Assignee: Gentoo Security
URL: https://chromereleases.googleblog.com...
Whiteboard: A2 [glsa+ cve]
 
Reported: 2021-05-11 09:14 UTC by Stephan Hartmann
Modified: 2021-07-06 03:34 UTC
Package list:
www-client/chromium-90.0.4430.212
Runtime testing required: ---
nattka: sanity-check-


Description Stephan Hartmann gentoo-dev 2021-05-11 09:14:32 UTC
See ${URL}.

www-client/chrome bumped already.
Comment 1 Larry the Git Cow gentoo-dev 2021-05-11 20:37:39 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d95b8b846b0f27a7f3b87115d4f9cde6cb96c248

commit d95b8b846b0f27a7f3b87115d4f9cde6cb96c248
Author:     Stephan Hartmann <sultan@gentoo.org>
AuthorDate: 2021-05-11 20:37:10 +0000
Commit:     Stephan Hartmann <sultan@gentoo.org>
CommitDate: 2021-05-11 20:37:34 +0000

    www-client/chromium: stable channel bump to 90.0.4430.212
    
    Bug: https://bugs.gentoo.org/789420
    Package-Manager: Portage-3.0.18, Repoman-3.0.2
    Signed-off-by: Stephan Hartmann <sultan@gentoo.org>

 www-client/chromium/Manifest                      |   1 +
 www-client/chromium/chromium-90.0.4430.212.ebuild | 926 ++++++++++++++++++++++
 2 files changed, 927 insertions(+)
Comment 2 Larry the Git Cow gentoo-dev 2021-05-12 17:01:09 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c170d3fcdc133243867d1524c26043660e318e94

commit c170d3fcdc133243867d1524c26043660e318e94
Author:     Stephan Hartmann <sultan@gentoo.org>
AuthorDate: 2021-05-12 17:00:34 +0000
Commit:     Stephan Hartmann <sultan@gentoo.org>
CommitDate: 2021-05-12 17:00:47 +0000

    www-client/chromium: arm64 stable, bug #789420
    
    Bug: https://bugs.gentoo.org/789420
    Package-Manager: Portage-3.0.18, Repoman-3.0.2
    Signed-off-by: Stephan Hartmann <sultan@gentoo.org>

 www-client/chromium/chromium-90.0.4430.212.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 3 Stephan Hartmann gentoo-dev 2021-05-12 18:17:43 UTC
amd64 done
Comment 4 Larry the Git Cow gentoo-dev 2021-05-12 18:18:26 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=138ad563f193087b93dc99d843b312fbbac560ac

commit 138ad563f193087b93dc99d843b312fbbac560ac
Author:     Stephan Hartmann <sultan@gentoo.org>
AuthorDate: 2021-05-12 18:18:14 +0000
Commit:     Stephan Hartmann <sultan@gentoo.org>
CommitDate: 2021-05-12 18:18:14 +0000

    www-client/chromium: security cleanup
    
    Bug: https://bugs.gentoo.org/789420
    Package-Manager: Portage-3.0.18, Repoman-3.0.2
    Signed-off-by: Stephan Hartmann <sultan@gentoo.org>

 www-client/chromium/Manifest                     |   1 -
 www-client/chromium/chromium-90.0.4430.93.ebuild | 927 -----------------------
 2 files changed, 928 deletions(-)
Comment 5 NATTkA bot gentoo-dev 2021-06-01 20:48:29 UTC
Unable to check for sanity:

> no match for package: www-client/chromium-90.0.4430.212
Comment 6 Richard Yao gentoo-dev 2021-06-11 16:33:48 UTC
These vulnerabilities are now under active exploitation:

https://thehackernews.com/2021/06/new-chrome-0-day-bug-under-active.html

dev-qt/qtwebengine is a library version of chromium, and any bugs that affect www-client/chromium almost certainly affect dev-qt/qtwebengine. For example, bug #769989 required both dev-qt/qtwebengine and www-client/chromium be patched because of an incompatibility between glibc-2.33 and the chromium sandbox. That exact issue visibly manifested itself in www-client/falkon when used with an unpatched version of dev-qt/qtwebengine. It stands to reason that other security issues would also affect www-client/falkon and other dev-qt/qtwebengine consumers.

At a glance, the latest version of dev-qt/qtwebengine in the tree is based on chromium 87, so the probability of it being vulnerable is high:

https://gitweb.gentoo.org/repo/gentoo.git/commit/dev-qt/qtwebengine/qtwebengine-5.15.2_p20210521.ebuild?id=154b6c93890d4ed1d8a72edbf1442325979efc14

I recommend that the dev-qt/qtwebengine maintainer and security team conduct an audit of the dev-qt/qtwebengine to confirm that it is affected by this and then take steps to remedy that. Otherwise, end users of things relying on dev-qt/qtwebengine will be vulnerable to exploitation.

Lastly, it might also be worthwhile to review the potential for exploitation of this vulnerability in the electron software in the tree. Off the top of my head, that includes:

net-im/discord-bin
net-im/signal-desktop-bin

There are probably others. Embedded chromium is in many places. :/
Comment 7 Richard Yao gentoo-dev 2021-06-11 18:22:49 UTC
Disregard my comment about active exploitation. I posted this in the wrong bug. I wanted bug #795201. :/
Comment 8 John Helmert III gentoo-dev Security 2021-07-05 03:26:44 UTC
Request filed
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2021-07-06 03:34:54 UTC
This issue was resolved and addressed in
 GLSA 202107-06 at https://security.gentoo.org/glsa/202107-06
by GLSA coordinator John Helmert III (ajak).
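
The affected-version atoms in this bug's title, and the version reasoning in comment 6 about software built on an older Chromium base, can be checked mechanically. The following is an added example, not part of the bug report or of Gentoo's tooling; it assumes plain dotted numeric versions (no `_p` suffixes or `-rN` revisions), and the inventory it prints is constructed from version numbers mentioned in this bug.

```python
import operator
import re

# Affected atoms copied from this bug's title.
AFFECTED_ATOMS = [
    "<www-client/chromium-90.0.4430.212",
    "<www-client/google-chrome-90.0.4430.212",
]
OPS = {"<": operator.lt, "<=": operator.le, "=": operator.eq,
       ">=": operator.ge, ">": operator.gt}
# operator, category/package, dotted numeric version (no _p suffix, no -rN)
ATOM_RE = re.compile(r"^(<=|>=|<|>|=)([a-z0-9-]+/[A-Za-z0-9+_-]+?)-(\d+(?:\.\d+)*)$")


def parse_version(text):
    """'90.0.4430.212' -> (90, 0, 4430, 212); compared component by component."""
    return tuple(int(part) for part in text.split("."))


def parse_atom(atom):
    """Split an atom into (operator, 'category/package', version tuple)."""
    match = ATOM_RE.match(atom)
    if match is None:
        raise ValueError(f"unsupported atom: {atom!r}")
    op, name, version = match.groups()
    return op, name, parse_version(version)


def is_affected(name, version, atoms=AFFECTED_ATOMS):
    """True if an installed package version falls inside any affected atom."""
    installed = parse_version(version)
    return any(atom_name == name and OPS[op](installed, bound)
               for op, atom_name, bound in map(parse_atom, atoms))


def needs_audit(embedded_base):
    """Flag an embedder whose Chromium base predates the fixed release.

    An older base is only a reason to audit: embedders may carry backported fixes.
    """
    return is_affected("www-client/chromium", embedded_base)


if __name__ == "__main__":
    # Constructed inventory; the version numbers are ones mentioned in this bug.
    for name, version in [("www-client/chromium", "90.0.4430.93"),
                          ("www-client/chromium", "90.0.4430.212")]:
        print(name, version, "affected" if is_affected(name, version) else "ok")
    # Comment 6 states that qtwebengine is based on chromium 87.
    print("dev-qt/qtwebengine (base 87) needs audit:", needs_audit("87"))
```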