ArchLinux: 202002-3: chromium: multiple issues
Summary
- CVE-2019-18197 (insufficient validation)
Multiple vulnerabilities have been found in the xml component of the
chromium browser before 80.0.3987.8.
- CVE-2019-19880 (insufficient validation)
Multiple vulnerabilities have been found in the SQLite component of the
chromium browser before 80.0.3987.8.
- CVE-2019-19923 (information disclosure)
An out of bounds memory access has been found in the SQLite component
of the chromium browser before 80.0.3987.8.
- CVE-2019-19925 (insufficient validation)
Multiple vulnerabilities have been found in the SQLite component of the
chromium browser before 80.0.3987.8.
- CVE-2019-19926 (insufficient validation)
An inappropriate implementation security issue has been found in the
SQLite component of the chromium browser before 80.0.3987.8.
- CVE-2020-6381 (arbitrary code execution)
An integer overflow security issue has been found in the javascript
component of the chromium browser before 80.0.3987.8.
- CVE-2020-6382 (arbitrary code execution)
A type confusion security issue has been found in the javascript
component of the chromium browser before 80.0.3987.8.
- CVE-2020-6385 (access restriction bypass)
An insufficient policy enforcement security issue has been found in the
storage component of the chromium browser before 80.0.3987.8.
- CVE-2020-6387 (arbitrary code execution)
An out of bounds write has been found in the WebRTC component of the
chromium browser before 80.0.3987.8.
- CVE-2020-6388 (information disclosure)
An out of bounds memory access has been found in the WebAudio component
of the chromium browser before 80.0.3987.8.
- CVE-2020-6389 (arbitrary code execution)
An out of bounds write has been found in the WebRTC component of the
chromium browser before 80.0.3987.8.
- CVE-2020-6390 (information disclosure)
An out of bounds memory access has been found in the streams component
of the chromium browser before 80.0.3987.8.
- CVE-2020-6391 (insufficient validation)
An insufficient validation of untrusted input security issue has been
found in the Blink component of the chromium browser before
80.0.3987.8.
- CVE-2020-6392 (access restriction bypass)
An insufficient policy enforcement security issue has been found in the
Extensions component of the chromium browser before 80.0.3987.8.
- CVE-2020-6393 (access restriction bypass)
An insufficient policy enforcement security issue has been found in the
Blink component of the chromium browser before 80.0.3987.8.
- CVE-2020-6394 (access restriction bypass)
An insufficient policy enforcement security issue has been found in the
Blink component of the chromium browser before 80.0.3987.8.
- CVE-2020-6395 (information disclosure)
An out of bounds read has been found in the javascript component of the
chromium browser before 80.0.3987.8.
- CVE-2020-6396 (access restriction bypass)
An inappropriate implementation security issue has been found in the
Skia component of the chromium browser before 80.0.3987.8.
- CVE-2020-6397 (content spoofing)
An incorrect security UI issue has been found in the sharing component
of the chromium browser before 80.0.3987.8.
- CVE-2020-6398 (information disclosure)
An uninitialized use has been found in the PDFium component of the
chromium browser before 80.0.3987.8.
- CVE-2020-6399 (access restriction bypass)
An insufficient policy enforcement issue has been found in the AppCache
component of the chromium browser before 80.0.3987.8.
- CVE-2020-6400 (access restriction bypass)
An inappropriate implementation issue has been found in the CORS
component of the chromium browser before 80.0.3987.8.
- CVE-2020-6401 (insufficient validation)
An insufficient validation of untrusted input security issue has been
found in the OmniBox component of the chromium browser before
80.0.3987.8.
- CVE-2020-6402 (access restriction bypass)
An insufficient policy enforcement security issue has been found in the
Downloads component of the chromium browser before 80.0.3987.8.
- CVE-2020-6403 (content spoofing)
An incorrect security UI issue has been found in the OmniBox component
of the chromium browser before 80.0.3987.8.
- CVE-2020-6404 (access restriction bypass)
An inappropriate implementation security issue has been found in the
Blink component of the chromium browser before 80.0.3987.8.
- CVE-2020-6405 (information disclosure)
An out of bounds read has been found in the SQLite component of the
chromium browser before 80.0.3987.8.
- CVE-2020-6406 (arbitrary code execution)
A use-after-free security issue has been found in the Audio component
of the chromium browser before 80.0.3987.8.
- CVE-2020-6408 (access restriction bypass)
An insufficient policy enforcement security issue has been found in the
CORS component of the chromium browser before 80.0.3987.8.
- CVE-2020-6409 (access restriction bypass)
An inappropriate implementation security issue has been found in the
OmniBox component of the chromium browser before 80.0.3987.8.
- CVE-2020-6410 (access restriction bypass)
An insufficient policy enforcement security issue has been found in the
navigation component of the chromium browser before 80.0.3987.8.
- CVE-2020-6411 (insufficient validation)
An insufficient validation of untrusted input security issue has been
found in the OmniBox component of the chromium browser before
80.0.3987.8.
- CVE-2020-6412 (insufficient validation)
An insufficient validation of untrusted input security issue has been
found in the OmniBox component of the chromium browser before
80.0.3987.8.
- CVE-2020-6413 (access restriction bypass)
An inappropriate implementation security issue has been found in the
Blink component of the chromium browser before 80.0.3987.8.
- CVE-2020-6414 (access restriction bypass)
An insufficient policy enforcement security issue has been found in the
Safe Browsing component of the chromium browser before 80.0.3987.8.
- CVE-2020-6415 (access restriction bypass)
An inappropriate implementation security issue has been found in the
javascript component of the chromium browser before 80.0.3987.8.
- CVE-2020-6416 (insufficient validation)
An insufficient data validation security issue has been found in the
streams component of the chromium browser before 80.0.3987.8.
Resolution
Upgrade to 80.0.3987.87-1.
# pacman -Syu "chromium>=80.0.3987.87-1"
The problems have been fixed upstream in version 80.0.3987.87.
References
https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html
https://security.archlinux.org/CVE-2019-18197
https://security.archlinux.org/CVE-2019-19880
https://security.archlinux.org/CVE-2019-19923
https://security.archlinux.org/CVE-2019-19925
https://security.archlinux.org/CVE-2019-19926
https://security.archlinux.org/CVE-2020-6381
https://security.archlinux.org/CVE-2020-6382
https://security.archlinux.org/CVE-2020-6385
https://security.archlinux.org/CVE-2020-6387
https://security.archlinux.org/CVE-2020-6388
https://security.archlinux.org/CVE-2020-6389
https://security.archlinux.org/CVE-2020-6390
https://security.archlinux.org/CVE-2020-6391
https://security.archlinux.org/CVE-2020-6392
https://security.archlinux.org/CVE-2020-6393
https://security.archlinux.org/CVE-2020-6394
https://security.archlinux.org/CVE-2020-6395
https://security.archlinux.org/CVE-2020-6396
https://security.archlinux.org/CVE-2020-6397
https://security.archlinux.org/CVE-2020-6398
https://security.archlinux.org/CVE-2020-6399
https://security.archlinux.org/CVE-2020-6400
https://security.archlinux.org/CVE-2020-6401
https://security.archlinux.org/CVE-2020-6402
https://security.archlinux.org/CVE-2020-6403
https://security.archlinux.org/CVE-2020-6404
https://security.archlinux.org/CVE-2020-6405
https://security.archlinux.org/CVE-2020-6406
https://security.archlinux.org/CVE-2020-6408
https://security.archlinux.org/CVE-2020-6409
https://security.archlinux.org/CVE-2020-6410
https://security.archlinux.org/CVE-2020-6411
https://security.archlinux.org/CVE-2020-6412
https://security.archlinux.org/CVE-2020-6413
https://security.archlinux.org/CVE-2020-6414
https://security.archlinux.org/CVE-2020-6415
https://security.archlinux.org/CVE-2020-6416
Workaround
None.