Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 841371 (CVE-2022-1477, CVE-2022-1478, CVE-2022-1479, CVE-2022-1480, CVE-2022-1481, CVE-2022-1482, CVE-2022-1483, CVE-2022-1484, CVE-2022-1485, CVE-2022-1486, CVE-2022-1487, CVE-2022-1488, CVE-2022-1489, CVE-2022-1490, CVE-2022-1491, CVE-2022-1492, CVE-2022-1493, CVE-2022-1494, CVE-2022-1495, CVE-2022-1496, CVE-2022-1497, CVE-2022-1498, CVE-2022-1499, CVE-2022-1500, CVE-2022-1501) - <www-client/chromium-101.0.4951.54 www-client/google-chrome-101.0.4951.54: Multiple vulnerabilities
Summary: <www-client/chromium-101.0.4951.54 www-client/google-chrome-101.0.4951.54: Mu...
Status: IN_PROGRESS
Alias: CVE-2022-1477, CVE-2022-1478, CVE-2022-1479, CVE-2022-1480, CVE-2022-1481, CVE-2022-1482, CVE-2022-1483, CVE-2022-1484, CVE-2022-1485, CVE-2022-1486, CVE-2022-1487, CVE-2022-1488, CVE-2022-1489, CVE-2022-1490, CVE-2022-1491, CVE-2022-1492, CVE-2022-1493, CVE-2022-1494, CVE-2022-1495, CVE-2022-1496, CVE-2022-1497, CVE-2022-1498, CVE-2022-1499, CVE-2022-1500, CVE-2022-1501
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL: https://chromereleases.googleblog.com...
Whiteboard: A2 [glsa?]
Keywords:
Depends on: 842831
Blocks: CVE-2022-29146, CVE-2022-29147
  Show dependency tree
 
Reported: 2022-04-27 20:29 UTC by Ian Kumlien
Modified: 2022-05-26 19:33 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ian Kumlien 2022-04-27 20:29:38 UTC
Multiple CVE:s - Haven't looked at how serious they are with the CVE scores

https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html

Reproducible: Always
Comment 1 Stephan Hartmann gentoo-dev 2022-04-29 18:38:09 UTC
[1313905] High CVE-2022-1477: Use after free in Vulkan. Reported by SeongHwan Park (SeHwa) on 2022-04-06

[1299261] High CVE-2022-1478: Use after free in SwiftShader. Reported by SeongHwan Park (SeHwa) on 2022-02-20

[1305190] High CVE-2022-1479: Use after free in ANGLE. Reported by Jeonghoon Shin of Theori on 2022-03-10

[1307223] High CVE-2022-1480: Use after free in Device API. Reported by @uwu7586 on 2022-03-17

[1302949] High CVE-2022-1481: Use after free in Sharing. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2022-03-04

[1304987] High CVE-2022-1482: Inappropriate implementation in WebGL. Reported by Christoph Diehl, Microsoft on 2022-03-10

[1314754] High CVE-2022-1483: Heap buffer overflow in WebGPU. Reported by Mark Brand of Google Project Zero on 2022-04-08

[1297429] Medium CVE-2022-1484: Heap buffer overflow in Web UI Settings. Reported by Chaoyuan Peng (@ret2happy) on 2022-02-15

[1299743] Medium CVE-2022-1485: Use after free in File System API. Reported by Anonymous on 2022-02-22

[1314616] Medium CVE-2022-1486: Type Confusion in V8. Reported by Brendon Tiszka on 2022-04-08

[1304368] Medium CVE-2022-1487: Use after free in Ozone. Reported by Sri on 2022-03-09

[1302959] Medium CVE-2022-1488: Inappropriate implementation in Extensions API. Reported by Thomas Beverley from Wavebox.io on 2022-03-04

[1300561] Medium CVE-2022-1489: Out of bounds memory access in UI Shelf. Reported by Khalil Zhani on 2022-02-25

[1301840] Medium CVE-2022-1490: Use after free in Browser Switcher. Reported by raven at KunLun lab on 2022-03-01

[1305706] Medium CVE-2022-1491: Use after free in Bookmarks. Reported by raven at KunLun lab on 2022-03-12

[1315040] Medium CVE-2022-1492: Insufficient data validation in Blink Editing. Reported by Michał Bentkowski of Securitum on 2022-04-11

[1275414] Medium CVE-2022-1493: Use after free in Dev Tools. Reported by Zhihua Yao of KunLun Lab on 2021-12-01

[1298122] Medium CVE-2022-1494: Insufficient data validation in Trusted Types. Reported by Masato Kinugawa on 2022-02-17

[1301180] Medium CVE-2022-1495: Incorrect security UI in Downloads. Reported by Umar Farooq on 2022-02-28

[1306391] Medium CVE-2022-1496: Use after free in File Manager. Reported by Zhiyi Zhang and Zhunki from Codesafe Team of Legendsec at Qi'anxin Group on 2022-03-15

[1264543] Medium CVE-2022-1497: Inappropriate implementation in Input. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-10-29

[1297138] Low CVE-2022-1498: Inappropriate implementation in HTML Parser. Reported by SeungJu Oh (@real_as3617) on 2022-02-14

[1000408] Low CVE-2022-1499: Inappropriate implementation in WebAuthentication. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-09-04

[1223475] Low CVE-2022-1500: Insufficient data validation in Dev Tools. Reported by Hoang Nguyen on 2021-06-25

[1293191] Low CVE-2022-1501: Inappropriate implementation in iframe. Reported by Oriol Brufau on 2022-02-02
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-05-02 03:18:27 UTC
Tarballs out yet?
Comment 3 Ian Kumlien 2022-05-02 07:41:09 UTC
Tarballs? 

According to the ebuild:
SRC_URI="https://dl.google.com/linux/chrome/deb/pool/main/g/${MY_PN}/${MY_P}_amd64.deb"

So yes, the deb has been out for quite a while....
Comment 4 Alexander Sergeyev 2022-05-02 20:25:37 UTC
The tarball seems to be available now:

$ curl --head https://commondatastorage.googleapis.com/chromium-browser-official/chromium-101.0.4951.41.tar.xz

HTTP/2 200
...
Comment 5 Luke-Jr 2022-05-03 00:00:11 UTC
FWIW, I renamed chromium-101.0.4951.34 to .41 and have been using it since Apr 27

Seems to just work.
Comment 6 Larry the Git Cow gentoo-dev 2022-05-05 20:03:05 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c14562155978a3efdc8dc96bbc49369c682829de

commit c14562155978a3efdc8dc96bbc49369c682829de
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-05-05 20:02:47 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-05-05 20:02:58 +0000

    www-client/chromium: add 101.0.4951.54
    
    Bug: https://bugs.gentoo.org/841371
    Signed-off-by: Sam James <sam@gentoo.org>

 www-client/chromium/Manifest                      |    1 +
 www-client/chromium/chromium-101.0.4951.54.ebuild | 1011 +++++++++++++++++++++
 2 files changed, 1012 insertions(+)
Comment 7 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-05-06 00:40:09 UTC
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9ad114a619937fecfcd747c19028587a7bea05b5

commit 9ad114a619937fecfcd747c19028587a7bea05b5
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-05-06 00:39:21 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-05-06 00:39:29 +0000

    www-client/chromium: promote 101 to stable channel
    
    Bug: https://bugs.gentoo.org/842831
    Signed-off-by: Sam James <sam@gentoo.org>

 www-client/chromium/chromium-101.0.4951.54.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 8 Stephan Hartmann gentoo-dev 2022-05-09 07:36:17 UTC
Cleanup done.