Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 836381 (CVE-2022-1125, CVE-2022-1127, CVE-2022-1128, CVE-2022-1129, CVE-2022-1130, CVE-2022-1131, CVE-2022-1132, CVE-2022-1133, CVE-2022-1134, CVE-2022-1135, CVE-2022-1136, CVE-2022-1137, CVE-2022-1138, CVE-2022-1139, CVE-2022-1141, CVE-2022-1142, CVE-2022-1143, CVE-2022-1144, CVE-2022-1145, CVE-2022-1146) - <www-client/chromium-100.0.4896.60 <www-client/google-chrome-100.0.4896.60: Multiple vulnerabilities
Summary: <www-client/chromium-100.0.4896.60 <www-client/google-chrome-100.0.4896.60: M...
Status: CONFIRMED
Alias: CVE-2022-1125, CVE-2022-1127, CVE-2022-1128, CVE-2022-1129, CVE-2022-1130, CVE-2022-1131, CVE-2022-1132, CVE-2022-1133, CVE-2022-1134, CVE-2022-1135, CVE-2022-1136, CVE-2022-1137, CVE-2022-1138, CVE-2022-1139, CVE-2022-1141, CVE-2022-1142, CVE-2022-1143, CVE-2022-1144, CVE-2022-1145, CVE-2022-1146
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL: https://chromereleases.googleblog.com...
Whiteboard: A2 [glsa?]
Keywords:
Depends on: 836395
Blocks: CVE-2022-24475, CVE-2022-24523, CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909, CVE-2022-26912
  Show dependency tree
 
Reported: 2022-03-29 20:44 UTC by Stephan Hartmann
Modified: 2022-05-26 19:33 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Stephan Hartmann gentoo-dev 2022-03-29 20:44:26 UTC
[1292261] High CVE-2022-1125: Use after free in Portals. Reported by Khalil Zhani on 2022-01-29
[$5000][1291891] High CVE-2022-1127: Use after free in QR Code Generator. Reported by anonymous on 2022-01-28
[$5000][1301920] High CVE-2022-1128: Inappropriate implementation in Web Share API. Reported by Abdel Adim (@smaury92) Oisfi of Shielder on 2022-03-01
[$3000][1300253] High CVE-2022-1129: Inappropriate implementation in Full Screen Mode. Reported by Irvan Kurniawan (sourc7) on 2022-02-24
[$1000][1142269] High CVE-2022-1130: Insufficient validation of untrusted input in WebOTP. Reported by Sergey Toshin of Oversecurity Inc. on 2020-10-25
[$NA][1297404] High CVE-2022-1131: Use after free in Cast UI. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2022-02-15
[$TBD][1303410] High CVE-2022-1132: Inappropriate implementation in Virtual Keyboard. Reported by Andr.Ess on 2022-03-07
[$TBD][1305776] High CVE-2022-1133: Use after free in WebRTC. Reported by Anonymous on 2022-03-13
[$TBD][1308360] High CVE-2022-1134: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2022-03-21
[1285601] Medium CVE-2022-1135: Use after free in Shopping Cart. Reported by Wei Yuan of MoyunSec VLab on 2022-01-09
[1280205] Medium CVE-2022-1136: Use after free in Tab Strip . Reported by Krace on 2021-12-15
[1289846] Medium CVE-2022-1137: Inappropriate implementation in Extensions. Reported by Thomas Orlita on 2022-01-22
[1246188] Medium CVE-2022-1138: Inappropriate implementation in Web Cursor. Reported by Alesandro Ortiz on 2021-09-03
[1268541] Medium CVE-2022-1139: Inappropriate implementation in Background Fetch API. Reported by Maurice Dauer on 2021-11-10
[1303253] Medium CVE-2022-1141: Use after free in File Manager. Reported by raven at KunLun lab on 2022-03-05
[1303613] Medium CVE-2022-1142: Heap buffer overflow in WebUI. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2022-03-07
[1303615] Medium CVE-2022-1143: Heap buffer overflow in WebUI. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2022-03-07
[1304145] Medium CVE-2022-1144: Use after free in WebUI. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2022-03-08
[1304545] Medium CVE-2022-1145: Use after free in Extensions. Reported by Yakun Zhang of Baidu Security on 2022-03-09
[1290150] Low CVE-2022-1146: Inappropriate implementation in Resource Timing. Reported by Sohom Datta on 2022-01-23
Comment 1 Stephan Hartmann gentoo-dev 2022-04-02 08:40:51 UTC
Additional CVEs for Edge:
CVE-2022-24523, CVE-2022-24475, CVE-2022-26891, CVE-2022-26895, CVE-2022-26894, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909, CVE-2022-26912
Comment 2 Larry the Git Cow gentoo-dev 2022-04-05 08:15:06 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f0224834f4c1c17bd06bc66ef05f327e1fe26c66

commit f0224834f4c1c17bd06bc66ef05f327e1fe26c66
Author:     Stephan Hartmann <sultan@gentoo.org>
AuthorDate: 2022-04-05 08:14:31 +0000
Commit:     Stephan Hartmann <sultan@gentoo.org>
CommitDate: 2022-04-05 08:14:31 +0000

    www-client/chromium: security cleanup
    
    Bug: https://bugs.gentoo.org/836381
    Signed-off-by: Stephan Hartmann <sultan@gentoo.org>

 www-client/chromium/Manifest                       |    2 -
 www-client/chromium/chromium-99.0.4844.84.ebuild   | 1013 --------------------
 .../chromium/files/chromium-98-system-libdrm.patch |   34 -
 .../chromium/files/chromium-glibc-2.34-r1.patch    |   20 -
 4 files changed, 1069 deletions(-)
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-04-09 14:25:52 UTC
(In reply to Stephan Hartmann from comment #1)
> Additional CVEs for Edge:
> CVE-2022-24523, CVE-2022-24475, CVE-2022-26891, CVE-2022-26895,
> CVE-2022-26894, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909,
> CVE-2022-26912

Unfortunately will need a new bug for this