SB2017110920 - Fedora 26 update for chromium




Published: November 9, 2017 Updated: April 24, 2025

Security Bulletin ID SB2017110920
Severity High
Patch available YES
Number of vulnerabilities 22
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 50% Low 50%

Description

This security bulletin contains information about 22 security vulnerabilities.


1) Stack-based buffer overflow (CVE-ID: CVE-2017-15398)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to stack-based buffer overflow in QUIC. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

2) Use-after-free error (CVE-ID: CVE-2017-15399)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in V8. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

3) Spoofing attack (CVE-ID: CVE-2017-15386)

The disclosed vulnerability allows a remote attacker to conduct spoofing attacks.

The vulnerability exists due to an error in Blink. A remote attacker can trick the victim into visiting a specially crafted website and spoof the UI.


4) Spoofing attack (CVE-ID: CVE-2017-15387)

The disclosed vulnerability allows a remote attacker to bypass security restrictions.

The vulnerability exists due to an error in Blink. A remote attacker can trick the victim into visiting a specially crafted website and bypass content security restrictions.


5) Out-of-bounds read (CVE-ID: CVE-2017-15388)

The disclosed vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists due to out-of-bounds read in Skia. A remote attacker can trick the victim into visiting a specially crafted website and gain access to arbitrary data.


6) Spoofing attack (CVE-ID: CVE-2017-15389)

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to URL spoofing in OmniBox. A remote attacker can trick the victim into visiting a specially crafted website and conduct domain spoofing attacks.

Successful exploitation of the vulnerability results in address spoofing.


7) Spoofing attack (CVE-ID: CVE-2017-15390)

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to URL spoofing in OmniBox. A remote attacker can trick the victim into visiting a specially crafted website and conduct domain spoofing attacks.

Successful exploitation of the vulnerability results in address spoofing.


8) Security restrictions bypass (CVE-ID: CVE-2017-15391)

The vulnerability allows a remote attacker to bypass security restrictions.

The vulnerability exists due to an error in Extensions. A remote attacker can trick the victim into visiting a specially crafted website and bypass extension limitations.


9) Security restrictions bypass (CVE-ID: CVE-2017-15392)

The vulnerability allows a remote attacker to bypass security restrictions.

The vulnerability exists due to incorrect registry key handling in PlatformIntegration. A remote attacker can trick the victim into visiting a specially crafted website and bypass security restrictions.


10) Memory leak (CVE-ID: CVE-2017-15393)

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists due to referrer leak in Devtools. A remote attacker can trick the victim into visiting a specially crafted website and read arbitrary files on the target system.


11) Spoofing attack (CVE-ID: CVE-2017-15394)

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to URL spoofing in extensions UI. A remote attacker can trick the victim into visiting a specially crafted website and conduct domain spoofing attacks.


12) Null pointer dereference (CVE-ID: CVE-2017-15395)

The vulnerability allows a remote attacker to cause a DoS condition.

The vulnerability exists due to null pointer dereference in ImageCapture. A remote attacker can trick the victim into visiting a specially crafted website, trigger null pointer dereference and cause the application to crash.


13) Universal XSS (CVE-ID: CVE-2017-5124)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists in the link modal due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary MHTML and script code in the user's browser in the context of the vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


14) Heap-based buffer overflow (CVE-ID: CVE-2017-5125)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow in Skia. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

15) Use-after-free error (CVE-ID: CVE-2017-5126)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in PDFium. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

16) Use-after-free error (CVE-ID: CVE-2017-5127)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in PDFium. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

17) Out-of-bounds write (CVE-ID: CVE-2017-5133)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to out-of-bounds write in Skia. A remote attacker can trick the victim into visiting a specially crafted website, trigger an out-of-bounds error and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

18) Out-of-bounds write (CVE-ID: CVE-2017-5131)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to out-of-bounds write in Skia. A remote attacker can trick the victim into visiting a specially crafted website, trigger an out-of-bounds error and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

19) Heap-based buffer overflow (CVE-ID: CVE-2017-5130)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow in libxml2. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

20) Memory corruption (CVE-ID: CVE-2017-5132)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to incorrect stack manipulation in WebAssembly. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

21) Use-after-free error (CVE-ID: CVE-2017-5129)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in WebAudio. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

22) Heap-based buffer overflow (CVE-ID: CVE-2017-5128)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow in WebGL. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Install the update from the vendor's website.