Arch Linux 803 Published by

A vivaldi security update to address multiple issues has been released for Arch Linux.



ASA-202112-1: vivaldi: multiple issues


Arch Linux Security Advisory ASA-202112-1
========================================
Severity: High
Date : 2021-12-03
CVE-ID : CVE-2021-37981 CVE-2021-37982 CVE-2021-37984 CVE-2021-37985
CVE-2021-37986 CVE-2021-37987 CVE-2021-37988 CVE-2021-37989
CVE-2021-37990 CVE-2021-37991 CVE-2021-37992 CVE-2021-37993
CVE-2021-37994 CVE-2021-37995 CVE-2021-37996 CVE-2021-37998
CVE-2021-38000 CVE-2021-38001 CVE-2021-38003 CVE-2021-38004
CVE-2021-38005 CVE-2021-38006 CVE-2021-38007 CVE-2021-38008
CVE-2021-38009 CVE-2021-38010 CVE-2021-38011 CVE-2021-38012
CVE-2021-38013 CVE-2021-38014 CVE-2021-38015 CVE-2021-38016
CVE-2021-38017 CVE-2021-38018 CVE-2021-38019 CVE-2021-38020
CVE-2021-38021 CVE-2021-38022
Package : vivaldi
Type : multiple issues
Remote : Yes
Link :   https://security.archlinux.org/AVG-2475

Summary
======
The package vivaldi before version 5.0.2497.24-1 is vulnerable to
multiple issues including arbitrary code execution, insufficient
validation, access restriction bypass, content spoofing, information
disclosure, same-origin policy bypass, sandbox escape and denial of
service.

Resolution
=========
Upgrade to 5.0.2497.24-1.

# pacman -Syu "vivaldi>=5.0.2497.24-1"

The problems have been fixed upstream in version 5.0.2497.24.

Workaround
=========
None.

Description
==========
- CVE-2021-37981 (arbitrary code execution)

A heap buffer overflow security issue has been found in the Skia
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37982 (arbitrary code execution)

A use after free security issue has been found in the Incognito
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37984 (arbitrary code execution)

A heap buffer overflow security issue has been found in the PDFium
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37985 (arbitrary code execution)

A use after free security issue has been found in the V8 component of
the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37986 (arbitrary code execution)

A heap buffer overflow security issue has been found in the Settings
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37987 (arbitrary code execution)

A use after free security issue has been found in the Network APIs
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37988 (arbitrary code execution)

A use after free security issue has been found in the Profiles
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37989 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
Blink component of the Chromium browser engine before version
95.0.4638.54.

- CVE-2021-37990 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
WebView component of the Chromium browser engine before version
95.0.4638.54.

- CVE-2021-37991 (arbitrary code execution)

A race security issue has been found in the V8 component of the
Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37992 (information disclosure)

An out of bounds read security issue has been found in the WebAudio
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37993 (arbitrary code execution)

A use after free security issue has been found in the PDF Accessibility
component of the Chromium browser engine before version 95.0.4638.54.

- CVE-2021-37994 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
iFrame Sandbox component of the Chromium browser engine before version
95.0.4638.54.

- CVE-2021-37995 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
WebApp Installer component of the Chromium browser engine before
version 95.0.4638.54.

- CVE-2021-37996 (insufficient validation)

An insufficient validation of untrusted input security issue has been
found in the Downloads component of the Chromium browser engine before
version 95.0.4638.54.

- CVE-2021-37998 (arbitrary code execution)

A use after free security issue has been found in the Garbage
Collection component of the Chromium browser engine before version
95.0.4638.69.

- CVE-2021-38000 (insufficient validation)

An insufficient validation of untrusted input security issue has been
found in the Intents component of the Chromium browser engine before
version 95.0.4638.69. Google is aware that an exploit for
CVE-2021-38000 exists in the wild.

- CVE-2021-38001 (arbitrary code execution)

A type confusion security issue has been found in the V8 component of
the Chromium browser engine before version 95.0.4638.69.

- CVE-2021-38003 (arbitrary code execution)

An inappropriate implementation security issue has been found in the V8
component of the Chromium browser engine before version 95.0.4638.69.
Google is aware that an exploit for CVE-2021-38003 exists in the wild.

- CVE-2021-38004 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
Autofill component of the Chromium browser engine before version
95.0.4638.69.

- CVE-2021-38005 (arbitrary code execution)

A use after free security issue has been found in the loader component
of the Chromium browser engine before version 96.0.4664.45.

- CVE-2021-38006 (arbitrary code execution)

A use after free security issue has been found in the storage
foundation component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38007 (arbitrary code execution)

A type confusion security issue has been found in the V8 component of
the Chromium browser engine before version 96.0.4664.45.

- CVE-2021-38008 (arbitrary code execution)

A use after free security issue has been found in the media component
of the Chromium browser engine before version 96.0.4664.45.

- CVE-2021-38009 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
cache component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38010 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
service workers component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38011 (arbitrary code execution)

A use after free security issue has been found in the storage
foundation component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38012 (arbitrary code execution)

A type confusion security issue has been found in the V8 component of
the Chromium browser engine before version 96.0.4664.45.

- CVE-2021-38013 (arbitrary code execution)

A heap buffer overflow security issue has been found in the fingerprint
recognition component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38014 (arbitrary code execution)

An out of bounds write security issue has been found in the Swiftshader
component of the Chromium browser engine before version 96.0.4664.45.

- CVE-2021-38015 (arbitrary code execution)

An inappropriate implementation security issue has been found in the
input component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38016 (access restriction bypass)

An insufficient policy enforcement security issue has been found in the
background fetch component of the Chromium browser engine before
version 96.0.4664.45.

- CVE-2021-38017 (sandbox escape)

An insufficient policy enforcement security issue has been found in the
iframe sandbox component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38018 (content spoofing)

An inappropriate implementation security issue has been found in the
navigation component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38019 (same-origin policy bypass)

An insufficient policy enforcement security issue has been found in the
CORS component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38020 (information disclosure)

An insufficient policy enforcement security issue has been found in the
contacts picker component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38021 (information disclosure)

An inappropriate implementation security issue has been found in the
referrer component of the Chromium browser engine before version
96.0.4664.45.

- CVE-2021-38022 (denial of service)

An inappropriate implementation security issue has been found in the
WebAuthentication component of the Chromium browser engine before
version 96.0.4664.45.

Impact
=====
A remote attacker could execute arbitrary code, disclose sensitive
information, spoof content, bypass security restrictions or crash the
browser through crafted web content. Google is aware that exploits for
two of the security issues exist in the wild.

References
=========
  https://vivaldi.com/blog/desktop/update-three-4-3/
  https://vivaldi.com/blog/desktop/further-updates-to-theme-sharing-vivaldi-browser-snapshot-2488-3/
  https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html
  https://crbug.com/1246631
  https://crbug.com/1248661
  https://crbug.com/1253399
  https://crbug.com/1241860
  https://crbug.com/1242404
  https://crbug.com/1206928
  https://crbug.com/1228248
  https://crbug.com/1233067
  https://crbug.com/1247395
  https://crbug.com/1250660
  https://crbug.com/1253746
  https://crbug.com/1255332
  https://crbug.com/1100761
  https://crbug.com/1242315
  https://crbug.com/1243020
  https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html
  https://crbug.com/1259587
  https://crbug.com/1249962
  https://crbug.com/1260577
  https://crbug.com/1263462
  https://crbug.com/1227170
  https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html
  https://crbug.com/1241091
  https://crbug.com/1240593
  https://crbug.com/1254189
  https://crbug.com/1263620
  https://crbug.com/1260649
  https://crbug.com/1264477
  https://crbug.com/1268274
  https://crbug.com/1262791
  https://crbug.com/1242392
  https://crbug.com/1248567
  https://crbug.com/957553
  https://crbug.com/1244289
  https://crbug.com/1256822
  https://crbug.com/1197889
  https://crbug.com/1251179
  https://crbug.com/1259694
  https://crbug.com/1233375
  https://crbug.com/1248862
  https://security.archlinux.org/CVE-2021-37981
  https://security.archlinux.org/CVE-2021-37982
  https://security.archlinux.org/CVE-2021-37984
  https://security.archlinux.org/CVE-2021-37985
  https://security.archlinux.org/CVE-2021-37986
  https://security.archlinux.org/CVE-2021-37987
  https://security.archlinux.org/CVE-2021-37988
  https://security.archlinux.org/CVE-2021-37989
  https://security.archlinux.org/CVE-2021-37990
  https://security.archlinux.org/CVE-2021-37991
  https://security.archlinux.org/CVE-2021-37992
  https://security.archlinux.org/CVE-2021-37993
  https://security.archlinux.org/CVE-2021-37994
  https://security.archlinux.org/CVE-2021-37995
  https://security.archlinux.org/CVE-2021-37996
  https://security.archlinux.org/CVE-2021-37998
  https://security.archlinux.org/CVE-2021-38000
  https://security.archlinux.org/CVE-2021-38001
  https://security.archlinux.org/CVE-2021-38003
  https://security.archlinux.org/CVE-2021-38004
  https://security.archlinux.org/CVE-2021-38005
  https://security.archlinux.org/CVE-2021-38006
  https://security.archlinux.org/CVE-2021-38007
  https://security.archlinux.org/CVE-2021-38008
  https://security.archlinux.org/CVE-2021-38009
  https://security.archlinux.org/CVE-2021-38010
  https://security.archlinux.org/CVE-2021-38011
  https://security.archlinux.org/CVE-2021-38012
  https://security.archlinux.org/CVE-2021-38013
  https://security.archlinux.org/CVE-2021-38014
  https://security.archlinux.org/CVE-2021-38015
  https://security.archlinux.org/CVE-2021-38016
  https://security.archlinux.org/CVE-2021-38017
  https://security.archlinux.org/CVE-2021-38018
  https://security.archlinux.org/CVE-2021-38019
  https://security.archlinux.org/CVE-2021-38020
  https://security.archlinux.org/CVE-2021-38021
  https://security.archlinux.org/CVE-2021-38022