Bug 30802 - Updated chromium 105.0.5195.102 packages fix vulnerabilities (incl. CVE-2022-3075)
Summary: Updated chromium 105.0.5195.102 packages fix vulnerabilities (incl. CVE-2022-...
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 8
Hardware: All Linux
Priority: High critical
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA8-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2022-09-02 09:01 CEST by christian barranco
Modified: 2022-09-04 21:48 CEST (History)
3 users (show)

See Also:
Source RPM: chromium-browser-stable-104.0.5112.101-1.mga8.src.rpm
CVE:
Status comment:


Attachments

Description christian barranco 2022-09-02 09:01:20 CEST
Hi
upstream released chromium 105.0.5195.52 on 2022-08-30, fixing 24 vulnerabilities and many bugs.

https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html

I will update Cauldron and MGA8
Comment 1 christian barranco 2022-09-03 08:35:30 CEST
Hi. Sh....t.

105...52 not even built yet, a new upstream release just popped-up to fix CVE-2022-3075, known has exploited in the wild...

https://chromereleases.googleblog.com/search/label/Stable%20updates

Summary: Updated chromium 105.0.5195.52 packages fix vulnerabilities => Updated chromium 105.0.5195.102 packages fix vulnerabilities (incl. CVE-2022-3075)

christian barranco 2022-09-03 08:35:54 CEST

Source RPM: chromium-browser-stable-104.0.5112.101-1.mga8.src.rpm => chromium-browser-stable-105.0.5195.52-1.mga8.src.rpm

Comment 2 christian barranco 2022-09-03 08:37:28 CEST
sorry, right link: 
https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html
christian barranco 2022-09-03 08:43:53 CEST

Priority: Normal => High
Severity: normal => critical

Comment 3 christian barranco 2022-09-03 08:57:10 CEST
ADVISORY NOTICE PROPOSAL
========================

New chromium-browser-stable branch fixes bugs and vulnerabilities


Description
The chromium-browser-stable package has been updated to the new 105 branch with the 105.0.5195.102 version, fixing many bugs and 25 vulnerabilities. 

Google is aware of reports that an exploit for CVE-2022-3075 exists in the wild.

Some of the addressed CVE are listed below:

High CVE-2022-3075: Insufficient data validation in Mojo. Reported by Anonymous on 2022-08-30

Critical CVE-2022-3038: Use after free in Network Service. Reported by Sergei Glazunov of Google Project Zero on 2022-06-28

High CVE-2022-3039: Use after free in WebSQL. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-07-11

High CVE-2022-3040: Use after free in Layout. Reported by Anonymous on 2022-07-03

High CVE-2022-3041: Use after free in WebSQL. Reported by Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute on 2022-07-20

High CVE-2022-3042: Use after free in PhoneHub. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2022-06-22

High CVE-2022-3043: Heap buffer overflow in Screen Capture. Reported by @ginggilBesel on 2022-06-16

High CVE-2022-3044: Inappropriate implementation in Site Isolation. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research on 2020-02-12

High CVE-2022-3045: Insufficient validation of untrusted input in V8. Reported by Ben Noordhuis <info@bnoordhuis.nl> on 2022-06-26

High CVE-2022-3046: Use after free in Browser Tag. Reported by Rong Jian of VRI on 2022-07-21

High CVE-2022-3071: Use after free in Tab Strip. Reported by @ginggilBesel on 2022-06-06

Medium CVE-2022-3047: Insufficient policy enforcement in Extensions API. Reported by Maurice Dauer on 2022-07-07

Medium CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen. Reported by Andr.Ess on 2022-03-06

Medium CVE-2022-3049: Use after free in SplitScreen. Reported by @ginggilBesel on 2022-04-17

Medium CVE-2022-3050: Heap buffer overflow in WebUI. Reported by Zhihua Yao of KunLun Lab on 2022-06-17

Medium CVE-2022-3051: Heap buffer overflow in Exosphere. Reported by @ginggilBesel on 2022-07-18

Medium CVE-2022-3052: Heap buffer overflow in Window Manager. Reported by Khalil Zhani on 2022-07-21

Medium CVE-2022-3053: Inappropriate implementation in Pointer Lock. Reported by Jesper van den Ende (Pelican Party Studios) on 2021-11-08

Medium CVE-2022-3054: Insufficient policy enforcement in DevTools. Reported by Kuilin Li on 2022-01-24

Medium CVE-2022-3055: Use after free in Passwords. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2022-08-11

Low CVE-2022-3056: Insufficient policy enforcement in Content Security Policy. Reported by Anonymous on 2022-05-26

Low CVE-2022-3057: Inappropriate implementation in iframe Sandbox. Reported by Gareth Heyes on 2022-06-16

Low CVE-2022-3058: Use after free in Sign-In Flow. Reported by raven at KunLun lab on 2022-06-20


References
https://bugs.mageia.org/show_bug.cgi?id=30802
https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html
https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html
https://blog.chromium.org/2022/08/chrome-105-beta-custom-highlighting.html



SRPMS
8/core
chromium-browser-stable-105.0.5195.102-1.mga8


PROVIDED PACKAGES
=================
x86_64
chromium-browser-105.0.5195.102-1.mga8.x86_64.rpm
chromium-browser-stable-105.0.5195.102-1.mga8.x86_64.rpm

i586
chromium-browser-105.0.5195.102-1.mga8.i586.rpm
chromium-browser-stable-105.0.5195.102-1.mga8.i586.rpm
Comment 4 christian barranco 2022-09-04 12:37:34 CEST
Hi. Finally, ready for QA.

Assignee: chb0 => qa-bugs
CC: (none) => fri, sysadmin-bugs

christian barranco 2022-09-04 12:39:36 CEST

Source RPM: chromium-browser-stable-105.0.5195.52-1.mga8.src.rpm => chromium-browser-stable-104.0.5112.101-1.mga8.src.rpm

Comment 5 Morgan Leijström 2022-09-04 14:37:10 CEST
mga8-64 OK for me. Old i7, nvidia-current, Plasma, 4K screen
Clean update using drakrpm
Swedish localisation
Remembered settings and open tabs
Three different login methods (two national, one 2FA)
Three different video sites
Comment 6 christian barranco 2022-09-04 18:21:44 CEST
Update done on Plasma x86_64 for me as well.
Browsing, youtube, ... all good
christian barranco 2022-09-04 18:24:02 CEST

Whiteboard: (none) => MGA8-64-OK

Comment 7 Dave Hodgins 2022-09-04 20:02:23 CEST
Ok with my bank, etc. Validating the update. Advisory committed to svn.

CC: (none) => davidwhodgins
Keywords: (none) => advisory, validated_update

Comment 8 Mageia Robot 2022-09-04 21:48:36 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2022-0318.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED


Note You need to log in before you can comment on or make changes to this bug.