Bug 824274 (CVE-2021-38005, CVE-2021-38006, CVE-2021-38007, CVE-2021-38008, CVE-2021-38009, CVE-2021-38010, CVE-2021-38011, CVE-2021-38012, CVE-2021-38013, CVE-2021-38014, CVE-2021-38015, CVE-2021-38016, CVE-2021-38017, CVE-2021-38018, CVE-2021-38019, CVE-2021-38020, CVE-2021-38021, CVE-2021-38022) - <www-client/{chromium,google-chrome}-96.0.4664.45: multiple vulnerabilities
Summary: <www-client/{chromium,google-chrome}-96.0.4664.45: multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2021-38005, CVE-2021-38006, CVE-2021-38007, CVE-2021-38008, CVE-2021-38009, CVE-2021-38010, CVE-2021-38011, CVE-2021-38012, CVE-2021-38013, CVE-2021-38014, CVE-2021-38015, CVE-2021-38016, CVE-2021-38017, CVE-2021-38018, CVE-2021-38019, CVE-2021-38020, CVE-2021-38021, CVE-2021-38022
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal major
Assignee: Gentoo Security
URL: https://chromereleases.googleblog.com...
Whiteboard: A2 [glsa+]
Keywords:
Depends on: 824278
Blocks:
Reported: 2021-11-17 22:19 UTC by John Helmert III
Modified: 2022-01-31 05:34 UTC
0 users

See Also:
Package list:
Runtime testing required: ---


Description John Helmert III gentoo-dev Security 2021-11-17 22:19:21 UTC
[$7500][1263620] High CVE-2021-38008: Use after free in media. Reported by Marcin Towalski of Cisco Talos on 2021-10-26

[$2000][1260649] High CVE-2021-38009: Inappropriate implementation in cache. Reported by Luan Herrera (@lbherrera_) on 2021-10-16

[$TBD][1240593] High CVE-2021-38006: Use after free in storage foundation. Reported by Sergei Glazunov of Google Project Zero on 2021-08-17

[$TBD][1254189] High CVE-2021-38007: Type Confusion in V8. Reported by Polaris Feng and SGFvamll at Singular Security Lab on 2021-09-29

[$TBD][1241091] High CVE-2021-38005: Use after free in loader. Reported by Sergei Glazunov of Google Project Zero on 2021-08-18

[$TBD][1264477] High CVE-2021-38010: Inappropriate implementation in service workers. Reported by Sergei Glazunov of Google Project Zero on 2021-10-28

[$TBD][1268274] High CVE-2021-38011: Use after free in storage foundation. Reported by Sergei Glazunov of Google Project Zero on 2021-11-09

[$15000][1262791] Medium CVE-2021-38012: Type Confusion in V8. Reported by Yonghwi Jin (@jinmo123) on 2021-10-24

[$10000][1242392] Medium CVE-2021-38013: Heap buffer overflow in fingerprint recognition. Reported by raven (@raid_akame) on 2021-08-23

[$5000][1248567] Medium CVE-2021-38014: Out of bounds write in Swiftshader. Reported by Atte Kettunen of OUSPG on 2021-09-10

[$3000][957553] Medium CVE-2021-38015: Inappropriate implementation in input. Reported by David Erceg on 2019-04-29

[$3000][1244289] Medium CVE-2021-38016: Insufficient policy enforcement in background fetch. Reported by Maurice Dauer on 2021-08-28

[$2500][1256822] Medium CVE-2021-38017: Insufficient policy enforcement in iframe sandbox. Reported by NDevTK on 2021-10-05

[$2000][1197889] Medium CVE-2021-38018: Inappropriate implementation in navigation. Reported by Alesandro Ortiz on 2021-04-11

[$1000][1251179] Medium CVE-2021-38019: Insufficient policy enforcement in CORS. Reported by Maurice Dauer on 2021-09-20

[$1000][1259694] Medium CVE-2021-38020: Insufficient policy enforcement in contacts picker. Reported by Luan Herrera (@lbherrera_) on 2021-10-13

[$500][1233375] Medium CVE-2021-38021: Inappropriate implementation in referrer. Reported by Prakash (@1lastBr3ath) and Jun Kokatsu on 2021-07-27

[$TBD][1248862] Low CVE-2021-38022: Inappropriate implementation in WebAuthentication. Reported by Michal Kepkowski on 2021-09-13


Needs stabilization
Comment 1 Larry the Git Cow gentoo-dev 2021-11-24 08:06:48 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=06f038ad46e0e1e3b3b594d67356d08e45197ed2

commit 06f038ad46e0e1e3b3b594d67356d08e45197ed2
Author:     Stephan Hartmann <sultan@gentoo.org>
AuthorDate: 2021-11-24 08:06:09 +0000
Commit:     Stephan Hartmann <sultan@gentoo.org>
CommitDate: 2021-11-24 08:06:44 +0000

    www-client/chromium: security cleanup
    
    Bug: https://bugs.gentoo.org/824274
    Package-Manager: Portage-3.0.28, Repoman-3.0.3
    Signed-off-by: Stephan Hartmann <sultan@gentoo.org>

 www-client/chromium/Manifest                       |   2 -
 www-client/chromium/chromium-95.0.4638.69.ebuild   | 953 ---------------------
 .../files/chromium-93-EnumTable-crash.patch        |  79 --
 .../chromium/files/chromium-95-eigen-avx-1.patch   | 229 -----
 .../chromium/files/chromium-95-eigen-avx-2.patch   |  30 -
 .../chromium/files/chromium-95-eigen-avx-3.patch   |  44 -
 .../chromium/files/chromium-95-harfbuzz-3.patch    |  31 -
 .../chromium/files/chromium-95-maldoca-zlib.patch  |  13 -
 .../chromium/files/chromium-95-xfce-maximize.patch |  30 -
 9 files changed, 1411 deletions(-)
Comment 2 Larry the Git Cow gentoo-dev 2022-01-31 05:31:44 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=a5cb3b8ed2294fbfe4dfaf3e992220585c749f25

commit a5cb3b8ed2294fbfe4dfaf3e992220585c749f25
Author:     John Helmert III <ajak@gentoo.org>
AuthorDate: 2022-01-31 05:00:26 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-01-31 05:00:26 +0000

    [ GLSA 202201-02 ] Chromium, Google Chrome: Multiple vulnerabilities
    
    Bug: https://bugs.gentoo.org/803167
    Bug: https://bugs.gentoo.org/806223
    Bug: https://bugs.gentoo.org/808715
    Bug: https://bugs.gentoo.org/811348
    Bug: https://bugs.gentoo.org/813035
    Bug: https://bugs.gentoo.org/814221
    Bug: https://bugs.gentoo.org/814617
    Bug: https://bugs.gentoo.org/815673
    Bug: https://bugs.gentoo.org/816984
    Bug: https://bugs.gentoo.org/819054
    Bug: https://bugs.gentoo.org/820689
    Bug: https://bugs.gentoo.org/824274
    Bug: https://bugs.gentoo.org/829190
    Bug: https://bugs.gentoo.org/830642
    Bug: https://bugs.gentoo.org/831624
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202201-02.xml | 257 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 257 insertions(+)
Comment 3 John Helmert III gentoo-dev Security 2022-01-31 05:34:59 UTC
All done! \o/