Bug 33213 - Updated chromium 124.0.6367.207 packages fix vulnerabilities CVE-2024-4761,CVE-2024-4671,CVE-2024-4558,CVE-2024-4559
Summary: Updated chromium 124.0.6367.207 packages fix vulnerabilities CVE-2024-4761,CV...
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 9
Hardware: x86_64 Linux
Priority: Normal major
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA9-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2024-05-14 21:50 CEST by christian barranco
Modified: 2024-05-16 19:53 CEST (History)
5 users (show)

See Also:
Source RPM: chromium-browser-stable-124.0.6367.118-1.mga9.tainted.src.rpm
CVE: CVE-2024-4761,CVE-2024-4671,CVE-2024-4558,CVE-2024-4559
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description christian barranco 2024-05-14 21:50:22 CEST 
Upstream just released a security fix
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_13.html

As Google is aware that an exploit exists in the wild, I submit update even if Chromium 125 package update should be ready by next week.
christian barranco 2024-05-14 21:51:15 CEST

CC: (none) => brtians1, fri, j.alberto.vc

Comment 1 christian barranco 2024-05-14 22:35:04 CEST 
ADVISORY NOTICE PROPOSAL
========================

New chromium-browser-stable 124.0.6367.207 security update


Description
The chromium-browser-stable package has been updated to the 124.0.6367.207 release. It includes 4 security fixes.

Please, do note, only x86_64 is supported from now on.
i586 support for linux was stopped some years ago and the community is not able to provide patches anymore for the latest Chromium code.

Some of the security fixes are:
* High CVE-2024-4761: Out of bounds write in V8. Reported by Anonymous on 2024-05-09
* High CVE-2024-4671: Use after free in Visuals. Reported by Anonymous on 2024-05-07
* High CVE-2024-4558: Use after free in ANGLE. Reported by gelatin dessert on 2024-04-29
* High CVE-2024-4559: Heap buffer overflow in WebAudio. Reported by Cassidy Kim(@cassidy6564) on 2024-03-2

Google is aware that exploits for CVE-2024-4761 and CVE-2024-4671 exist in the wild.


References
https://bugs.mageia.org/show_bug.cgi?id=33213
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_13.html
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html


SRPMS
9/tainted
chromium-browser-stable-124.0.6367.207-1.mga9.tainted.src.rpm


PROVIDED PACKAGES
=================
x86_64
chromium-browser-124.0.6367.207-1.mga9.tainted.x86_64.rpm
chromium-browser-stable-124.0.6367.207-1.mga9.tainted.x86_64.rpm

CVE: (none) => CVE-2024-4761,CVE-2024-4671,CVE-2024-4558,CVE-2024-4559
Summary: Updated chromium 124.0.6367.207 packages fix vulnerabilities => Updated chromium 124.0.6367.207 packages fix vulnerabilities CVE-2024-4761,CVE-2024-4671,CVE-2024-4558,CVE-2024-4559

Comment 2 Brian Rockwell 2024-05-15 03:23:32 CEST 
it hasn't made it over to the U.S. mirror yet.  I'll test it in the morning.

Thanks Christian
Comment 3 christian barranco 2024-05-15 13:15:34 CEST 
(In reply to Brian Rockwell from comment #2)
> it hasn't made it over to the U.S. mirror yet.  I'll test it in the morning.
> 
> Thanks Christian

Still building. It should be ready in about 10 hours as it is building on Rabbit.
Comment 4 Morgan Leijström 2024-05-15 13:16:56 CEST 
That build node should be renamed "toad"...
Comment 5 Morgan Leijström 2024-05-15 14:53:15 CEST 
...I meant to write turtle...
Comment 6 christian barranco 2024-05-15 22:11:51 CEST 
Ready for QA!

Assignee: chb0 => qa-bugs

katnatek 2024-05-16 04:25:34 CEST

Keywords: (none) => advisory

Comment 7 Brian Rockwell 2024-05-16 04:44:24 CEST 
I've installed it and used on two different computers.

old chromebook - Celeron N2xxxx

old APU laptop

In both systems I've used Chromium in multiple apps, mail, youtube, browsing, news sites.  

Working as designed.  I'm giving this the okay to move this ahead quickly.

Typing this from old Chromebook

$ uname -a
Linux localhost 6.6.28-desktop-1.mga9 #1 SMP PREEMPT_DYNAMIC Wed Apr 17 17:19:36 UTC 2024 x86_64 GNU/Linux

Whiteboard: (none) => MGA9-64-OK

Comment 8 Thomas Andrews 2024-05-16 16:34:53 CEST 
If it's being exploited, then it should definitely go out quickly. Validating.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Comment 9 katnatek 2024-05-16 19:01:06 CEST 
Tested in Plasma Wayland
Set Ozone plataform to Wayland
All Works
Comment 10 Mageia Robot 2024-05-16 19:30:18 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2024-0178.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED

Comment 11 Morgan Leijström 2024-05-16 19:53:47 CEST 
OK here too mga9-64

$ chromium-browser --version
Chromium 124.0.6367.207 Mageia.Org 9


Swedish localisation
Remembered settings and opened tabs
Various shops, banking, video sites
Saving files, showing pdf, printing

$ inxi -SCG
System:
  Host: localhost Kernel: 6.6.22-desktop-1.mga9 arch: x86_64 bits: 64
    Desktop: KDE Plasma v: 5.27.10 Distro: Mageia 9
CPU:
  Info: dual core model: Intel Core i5 M 540 bits: 64 type: MT MCP cache:
    L2: 512 KiB
  Speed (MHz): avg: 1331 min/max: 1199/2534 cores: 1: 1452 2: 1475 3: 1199
    4: 1199
Graphics:
  Device-1: NVIDIA GT218M [NVS 3100M] driver: nouveau v: kernel
  Device-2: Lenovo Integrated Webcam [R5U877] type: USB driver: uvcvideo
  Display: x11 server: X.org v: 1.21.1.8 with: Xwayland v: 22.1.9 driver: X:
    loaded: modesetting,v4l dri: nouveau gpu: nouveau resolution: 1920x1080~60Hz
  API: OpenGL v: 3.3 Mesa 24.0.5 renderer: NVA8
Note You need to log in before you can comment on or make changes to this bug.