Arch Linux 811 Published by

A chromium security update has been released for Arch Linux.



Arch Linux Security Advisory ASA-202004-9
=========================================

Severity: High
Date : 2020-04-08
CVE-ID : CVE-2020-6423 CVE-2020-6430 CVE-2020-6431 CVE-2020-6432
CVE-2020-6433 CVE-2020-6434 CVE-2020-6435 CVE-2020-6436
CVE-2020-6437 CVE-2020-6438 CVE-2020-6439 CVE-2020-6440
CVE-2020-6441 CVE-2020-6442 CVE-2020-6443 CVE-2020-6444
CVE-2020-6445 CVE-2020-6446 CVE-2020-6447 CVE-2020-6448
CVE-2020-6454 CVE-2020-6455 CVE-2020-6456
Package : chromium
Type : multiple issues
Remote : Yes
Link :   https://security.archlinux.org/AVG-1128

Summary
=======

The package chromium before version 81.0.4044.92-1 is vulnerable to
multiple issues including arbitrary code execution, information
disclosure, access restriction bypass and insufficient validation.

Resolution
==========

Upgrade to 81.0.4044.92-1.

# pacman -Syu "chromium>=81.0.4044.92-1"

The problems have been fixed upstream in version 81.0.4044.92.

Workaround
==========

None.

Description
===========

- CVE-2020-6423 (arbitrary code execution)

A use after free security issue has been found in the audio component
of the chromium browser before 81.0.4044.92.

- CVE-2020-6430 (arbitrary code execution)

A type confusion security issue has been found in the V8 component of
the chromium browser before 81.0.4044.92.

- CVE-2020-6431 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
full screen component of the chromium browser before 81.0.4044.92.

- CVE-2020-6432 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
navigations component of the chromium browser before 81.0.4044.92.

- CVE-2020-6433 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
extensions component of the chromium browser before 81.0.4044.92.

- CVE-2020-6434 (arbitrary code execution)

A use-after-free security issue has been found in the devtools
component of the chromium browser before 81.0.4044.92.

- CVE-2020-6435 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
extensions component of the chromium browser before 81.0.4044.92.

- CVE-2020-6436 (arbitrary code execution)

A use-after-free security issue has been found in the window management
component of the chromium browser before 81.0.4044.92.

- CVE-2020-6437 (access restriction bypass)

An inappropriate implementation security issue has been found in the
WebView component of the chromium browser before 81.0.4044.92.

- CVE-2020-6438 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
extensions component of the chromium browser before 81.0.4044.92.

- CVE-2020-6439 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
navigations component of the chromium browser before 81.0.4044.92.

- CVE-2020-6440 (access restriction bypass)

An inappropriate implementation security issue has been found in the
extensions component of the chromium browser before 81.0.4044.92.

- CVE-2020-6441 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
omnibox component of the chromium browser before 81.0.4044.92.

- CVE-2020-6442 (access restriction bypass)

An inappropriate implementation security issue has been found in the
cache component of the chromium browser before 81.0.4044.92.

- CVE-2020-6443 (insufficient validation)

An insufficient data validation security issue has been found in the
developer tools component of the chromium browser before 81.0.4044.92.

- CVE-2020-6444 (information disclosure)

An uninitialized memory use issue has been found in the WebRTC
component of the chromium browser before 81.0.4044.92.

- CVE-2020-6445 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
trusted types component of the chromium browser before 81.0.4044.92.

- CVE-2020-6446 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
trusted types component of the chromium browser before 81.0.4044.92.

- CVE-2020-6447 (access restriction bypass)

An inappropriate implementation security issue has been found in the
developer tools component of the chromium browser before 81.0.4044.92.

- CVE-2020-6448 (arbitrary code execution)

A use-after-free security issue has been found in the V8 component of
the chromium browser before 81.0.4044.92.

- CVE-2020-6454 (arbitrary code execution)

A use after free security issue has been found in the extensions
component of the chromium browser before 81.0.4044.92.

- CVE-2020-6455 (information disclosure)

A out of bounds read security issue has been found in the WebSQL
component of the chromium browser before 81.0.4044.92.

- CVE-2020-6456 (insufficient validation)

An insufficient validation of untrusted input security issue has been
found in the clipboard component of the chromium browser before
81.0.4044.92.

Impact
======

A remote attacker might be able to access sensitive information, bypass
security measures or execute arbitrary code.

References
==========

  https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html
  https://crbug.com/1043446
  https://crbug.com/1031479
  https://crbug.com/852645
  https://crbug.com/965611
  https://crbug.com/1043965
  https://crbug.com/1048555
  https://crbug.com/1032158
  https://crbug.com/1034519
  https://crbug.com/639173
  https://crbug.com/714617
  https://crbug.com/868145
  https://crbug.com/894477
  https://crbug.com/959571
  https://crbug.com/1013906
  https://crbug.com/1040080
  https://crbug.com/922882
  https://crbug.com/933171
  https://crbug.com/933172
  https://crbug.com/991217
  https://crbug.com/1037872
  https://crbug.com/1019161
  https://crbug.com/1059669
  https://crbug.com/1040755
  https://security.archlinux.org/CVE-2020-6423
  https://security.archlinux.org/CVE-2020-6430
  https://security.archlinux.org/CVE-2020-6431
  https://security.archlinux.org/CVE-2020-6432
  https://security.archlinux.org/CVE-2020-6433
  https://security.archlinux.org/CVE-2020-6434
  https://security.archlinux.org/CVE-2020-6435
  https://security.archlinux.org/CVE-2020-6436
  https://security.archlinux.org/CVE-2020-6437
  https://security.archlinux.org/CVE-2020-6438
  https://security.archlinux.org/CVE-2020-6439
  https://security.archlinux.org/CVE-2020-6440
  https://security.archlinux.org/CVE-2020-6441
  https://security.archlinux.org/CVE-2020-6442
  https://security.archlinux.org/CVE-2020-6443
  https://security.archlinux.org/CVE-2020-6444
  https://security.archlinux.org/CVE-2020-6445
  https://security.archlinux.org/CVE-2020-6446
  https://security.archlinux.org/CVE-2020-6447
  https://security.archlinux.org/CVE-2020-6448
  https://security.archlinux.org/CVE-2020-6454
  https://security.archlinux.org/CVE-2020-6455
  https://security.archlinux.org/CVE-2020-6456