Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 946723 (CVE-2024-12692, CVE-2024-12693, CVE-2024-12694, CVE-2024-12695) - <www-client/chromium-131.0.6778.204, <www-client/google-chrome-131.0.6778.204, www-client/microsoft-edge, www-client/opera: multiple vulnerabilities
Summary: <www-client/chromium-131.0.6778.204, <www-client/google-chrome-131.0.6778.204...
Status: CONFIRMED
Alias: CVE-2024-12692, CVE-2024-12693, CVE-2024-12694, CVE-2024-12695
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL: https://chromereleases.googleblog.com...
Whiteboard: A2 [stable]
Keywords:
Depends on: 946724
Blocks:
  Show dependency tree
 
Reported: 2024-12-20 23:08 UTC by Matt Jolly
Modified: 2024-12-21 09:03 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Matt Jolly gentoo-dev 2024-12-20 23:08:33 UTC
The Stable channel has been updated to 131.0.6778.204 for Linux.

This update includes 5 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$55000][382291459] High CVE-2024-12692: Type Confusion in V8. Reported by Seunghyun Lee (@0x10n) on 2024-12-05

[$20000][382190919] High CVE-2024-12693: Out of bounds memory access in V8. Reported by 303f06e3 on 2024-12-04

[TBD][368222741] High CVE-2024-12694: Use after free in Compositing. Reported by Anonymous on 2024-09-19

[TBD][383647255] High CVE-2024-12695: Out of bounds write in V8. Reported by 303f06e3 on 2024-12-12