SB2018082308 - Gentoo update for Chromium, Google Chrome

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018082308

SB2018082308 - Gentoo update for Chromium, Google Chrome

Published: August 23, 2018 Updated: July 1, 2021

Security Bulletin ID SB2018082308
Severity
High
Patch available
YES
Number of vulnerabilities 32
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 16% Medium 19% Low 66%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 32 secuirty vulnerabilities.


1) Information disclosure (CVE-ID: CVE-2018-4117)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to input validation flaw in the WebKit component fetch API. A remote attacker can bypass cross-origin restrictions and obtain potentially sensitive information.

2) Privilege escalation (CVE-ID: CVE-2018-6044)

The vulnerability allows a local atacaker to gain elevated privileges on the target system.

The weakness exists due to unspecified flaw. A local attacker can use specially crafted extensions and gain elevated privileges to conduct further attacks.

3) Information disclosure (CVE-ID: CVE-2018-6150)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to unspecified flaw. A remote attacker can trick the victim into visiting a specially crafted website and gain access to arbitrary data.

4) Improper input validation (CVE-ID: CVE-2018-6151)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to bad cast in DevTools. A remote attacker can trick the victim into visiting a specially crafted website and cause the service to crash.

5) Improper input validation (CVE-ID: CVE-2018-6152)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to local file write in DevTools. A local attacker can write arbitrary files and cause the service to crash.

6) Stack-based buffer overflow (CVE-ID: CVE-2018-6153)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to stack-based buffer overflow in Skia when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

7) Heap-based buffer overflow (CVE-ID: CVE-2018-6154)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow in WebGL when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

8) Use-after-free error (CVE-ID: CVE-2018-6155)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in WebRTC when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

9) Heap-based buffer overflow (CVE-ID: CVE-2018-6156)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow in WebRTC when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

10) Type confusion (CVE-ID: CVE-2018-6157)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to type confusion in WebRTC when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

11) Use-after-free error (CVE-ID: CVE-2018-6158)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to use-after-free error in Blink when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the service to crash.

12) Security restrictions bypass (CVE-ID: CVE-2018-6159)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to an error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass same origin policy in ServiceWorker.

13) Spoofing attack (CVE-ID: CVE-2018-6160)

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists due to an error in Chrome on iOS. A remote attacker can trick the victim into visiting a specially crafted website and spoof URLs.

14) Security restrictions bypass (CVE-ID: CVE-2018-6161)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to an error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass same origin policy in WebAudio.

15) Heap-based buffer overflow (CVE-ID: CVE-2018-6162)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to heap-based buffer overflow in WebGL when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the service to crash.

16) Spoofing attack (CVE-ID: CVE-2018-6163)

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists due to an error in Omnibox. A remote attacker can trick the victim into visiting a specially crafted website and spoof URLs.

17) Security restrictions bypass (CVE-ID: CVE-2018-6164)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to an error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass same origin policy in ServiceWorker.

18) Spoofing attack (CVE-ID: CVE-2018-6165)

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists due to an error in Omnibox. A remote attacker can trick the victim into visiting a specially crafted website and spoof URLs.

19) Spoofing attack (CVE-ID: CVE-2018-6166)

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists due to an error in Omnibox. A remote attacker can trick the victim into visiting a specially crafted website and spoof URLs.

20) Spoofing attack (CVE-ID: CVE-2018-6167)

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists due to an error in Omnibox. A remote attacker can trick the victim into visiting a specially crafted website and spoof URLs.

21) Security restrictions bypass (CVE-ID: CVE-2018-6168)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to an error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass CORS in Blink.

22) Security restrictions bypass (CVE-ID: CVE-2018-6169)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to an error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass security restrictions in extension installation.

23) Type confusion (CVE-ID: CVE-2018-6170)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to type confusion in PDFium when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the service to crash.

24) Use-after-free error (CVE-ID: CVE-2018-6171)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to  use-after-free error in WebBluetooth when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the service to crash.

25) Spoofing attack (CVE-ID: CVE-2018-6172)

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists due to an error in Omnibox. A remote attacker can trick the victim into visiting a specially crafted website and spoof URLs.

26) Spoofing attack (CVE-ID: CVE-2018-6173)

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists due to an error in Omnibox. A remote attacker can trick the victim into visiting a specially crafted website and spoof URLs.

27) Integer overflow (CVE-ID: CVE-2018-6174)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to integer overflow in SwiftShader when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the service to crash.

28) Spoofing attack (CVE-ID: CVE-2018-6175)

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists due to an error in Omnibox. A remote attacker can trick the victim into visiting a specially crafted website and spoof URLs.

29) Privilege escalation (CVE-ID: CVE-2018-6176)

The vulnerability allows a local atacaker to gain elevated privileges on the target system.

The weakness exists due to unspecified flaw. A local attacker can use specially crafted extensions and gain elevated privileges in Extensions to conduct further attacks.

30) Memory leak (CVE-ID: CVE-2018-6177)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to cross origin information leak in Blink. A remote attacker can trick the victim into visiting a specially crafted website and gain access to arbitrary data.

31) Spoofing attack (CVE-ID: CVE-2018-6178)

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists due to an error in UI. A remote attacker can trick the victim into visiting a specially crafted website and spoof UI in Extensions.

32) Memory leak (CVE-ID: CVE-2018-6179)

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The weakness exists due to local file information leak in Extensions A local attacker can gain access to arbitrary data.

Remediation

Install update from vendor's website.

References