[1349322] Critical CVE-2022-2852: Use after free in FedCM. Reported by Sergei Glazunov of Google Project Zero on 2022-08-02 [1337538] High CVE-2022-2854: Use after free in SwiftShader. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-06-18 [1345042] High CVE-2022-2855: Use after free in ANGLE. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-07-16 [1338135] High CVE-2022-2857: Use after free in Blink. Reported by Anonymous on 2022-06-21 [1341918] High CVE-2022-2858: Use after free in Sign-In Flow. Reported by raven at KunLun lab on 2022-07-05 [1350097] High CVE-2022-2853: Heap buffer overflow in Downloads. Reported by Sergei Glazunov of Google Project Zero on 2022-08-04 [1345630] High CVE-2022-2856: Insufficient validation of untrusted input in Intents. Reported by Ashley Shen and Christian Resell of Google Threat Analysis Group on 2022-07-19 [1338412] Medium CVE-2022-2859: Use after free in Chrome OS Shell. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-06-22 [$2000][1345193] Medium CVE-2022-2860: Insufficient policy enforcement in Cookies. Reported by Axel Chong on 2022-07-18 [1346236] Medium CVE-2022-2861: Inappropriate implementation in Extensions API. Reported by Rong Jian of VRI on 2022-07-21 Google is aware that an exploit for CVE-2022-2856 exists in the wild.
I think we are not affected by CVE-2022-2856. Chrome intents are an Android feature afaik. Same for CVE-2022-2859, which is ChromeOS specific.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=23b5321391e72b194192934f3a3112a1db4c8ac2 commit 23b5321391e72b194192934f3a3112a1db4c8ac2 Author: Sam James <sam@gentoo.org> AuthorDate: 2022-08-20 03:07:23 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-08-20 03:09:14 +0000 www-client/chromium: add 104.0.5112.101 Bug: https://bugs.gentoo.org/865501 Signed-off-by: Sam James <sam@gentoo.org> www-client/chromium/Manifest | 1 + www-client/chromium/chromium-104.0.5112.101.ebuild | 1193 ++++++++++++++++++++ 2 files changed, 1194 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2b545da3430029ab15b0aadeff2d9e18de52dc87 commit 2b545da3430029ab15b0aadeff2d9e18de52dc87 Author: Stephan Hartmann <sultan@gentoo.org> AuthorDate: 2022-08-20 07:21:01 +0000 Commit: Stephan Hartmann <sultan@gentoo.org> CommitDate: 2022-08-20 07:21:15 +0000 www-client/chromium-bin: add 104.0.5112.101 Bug: https://bugs.gentoo.org/865501 Signed-off-by: Stephan Hartmann <sultan@gentoo.org> www-client/chromium-bin/Manifest | 11 + .../chromium-bin-104.0.5112.101.ebuild | 238 +++++++++++++++++++++ 2 files changed, 249 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a008b7cc3c3bc02fa335e557f582a1baf7498fa7 commit a008b7cc3c3bc02fa335e557f582a1baf7498fa7 Author: Stephan Hartmann <sultan@gentoo.org> AuthorDate: 2022-08-20 07:23:41 +0000 Commit: Stephan Hartmann <sultan@gentoo.org> CommitDate: 2022-08-20 07:23:41 +0000 www-client/chromium-bin: drop 104.0.5112.79 Bug: https://bugs.gentoo.org/865501 Signed-off-by: Stephan Hartmann <sultan@gentoo.org> www-client/chromium-bin/Manifest | 11 - .../chromium-bin/chromium-bin-104.0.5112.79.ebuild | 238 --------------------- 2 files changed, 249 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=cc821fda3ee186d2bcc82c6163599beb50f2302d commit cc821fda3ee186d2bcc82c6163599beb50f2302d Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-08-21 06:11:41 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-08-21 06:12:55 +0000 [ GLSA 202208-35 ] Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/858104 Bug: https://bugs.gentoo.org/859442 Bug: https://bugs.gentoo.org/863512 Bug: https://bugs.gentoo.org/864723 Bug: https://bugs.gentoo.org/865501 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Sam James <sam@gentoo.org> glsa-202208-35.xml | 126 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 126 insertions(+)
GLSA done, cleanup pending. Please close when cleanup done.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=db5089f2c8433e4b0785e41129b68ae630313c83 commit db5089f2c8433e4b0785e41129b68ae630313c83 Author: Sam James <sam@gentoo.org> AuthorDate: 2022-08-21 06:15:07 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-08-21 06:15:07 +0000 www-client/chromium: drop 103.0.5060.134, 104.0.5112.79 Bug: https://bugs.gentoo.org/865501 Signed-off-by: Sam James <sam@gentoo.org> www-client/chromium/Manifest | 3 - www-client/chromium/chromium-103.0.5060.134.ebuild | 1114 ------------------ www-client/chromium/chromium-104.0.5112.79.ebuild | 1193 -------------------- 3 files changed, 2310 deletions(-)
