SB2018082235 - Fedora 27 update for chromium

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018082235

SB2018082235 - Fedora 27 update for chromium

Published: August 22, 2018 Updated: April 24, 2025

Security Bulletin ID SB2018082235
Severity
High
Patch available
YES
Number of vulnerabilities 33
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 18% Medium 18% Low 64%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 33 secuirty vulnerabilities.


1) Information disclosure (CVE-ID: CVE-2018-4117)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to input validation flaw in the WebKit component fetch API. A remote attacker can bypass cross-origin restrictions and obtain potentially sensitive information.

2) Privilege escalation (CVE-ID: CVE-2018-6044)

The vulnerability allows a local atacaker to gain elevated privileges on the target system.

The weakness exists due to unspecified flaw. A local attacker can use specially crafted extensions and gain elevated privileges to conduct further attacks.

3) Information disclosure (CVE-ID: CVE-2018-6150)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to unspecified flaw. A remote attacker can trick the victim into visiting a specially crafted website and gain access to arbitrary data.

4) Improper input validation (CVE-ID: CVE-2018-6151)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to bad cast in DevTools. A remote attacker can trick the victim into visiting a specially crafted website and cause the service to crash.

5) Improper input validation (CVE-ID: CVE-2018-6152)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to local file write in DevTools. A local attacker can write arbitrary files and cause the service to crash.

6) Stack-based buffer overflow (CVE-ID: CVE-2018-6153)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to stack-based buffer overflow in Skia when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

7) Heap-based buffer overflow (CVE-ID: CVE-2018-6154)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow in WebGL when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

8) Use-after-free error (CVE-ID: CVE-2018-6155)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in WebRTC when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

9) Heap-based buffer overflow (CVE-ID: CVE-2018-6156)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow in WebRTC when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

10) Type confusion (CVE-ID: CVE-2018-6157)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to type confusion in WebRTC when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

11) Use-after-free error (CVE-ID: CVE-2018-6158)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to use-after-free error in Blink when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the service to crash.

12) Security restrictions bypass (CVE-ID: CVE-2018-6159)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to an error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass same origin policy in ServiceWorker.

13) Security restrictions bypass (CVE-ID: CVE-2018-6161)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to an error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass same origin policy in WebAudio.

14) Heap-based buffer overflow (CVE-ID: CVE-2018-6162)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to heap-based buffer overflow in WebGL when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the service to crash.

15) Spoofing attack (CVE-ID: CVE-2018-6163)

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists due to an error in Omnibox. A remote attacker can trick the victim into visiting a specially crafted website and spoof URLs.

16) Out-of-bounds write (CVE-ID: CVE-2018-6149)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to out-of-bounds write in V8. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise

17) Spoofing attack (CVE-ID: CVE-2018-6160)

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists due to an error in Chrome on iOS. A remote attacker can trick the victim into visiting a specially crafted website and spoof URLs.

18) Security restrictions bypass (CVE-ID: CVE-2018-6164)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to an error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass same origin policy in ServiceWorker.

19) Spoofing attack (CVE-ID: CVE-2018-6165)

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists due to an error in Omnibox. A remote attacker can trick the victim into visiting a specially crafted website and spoof URLs.

20) Spoofing attack (CVE-ID: CVE-2018-6166)

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists due to an error in Omnibox. A remote attacker can trick the victim into visiting a specially crafted website and spoof URLs.

21) Spoofing attack (CVE-ID: CVE-2018-6167)

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists due to an error in Omnibox. A remote attacker can trick the victim into visiting a specially crafted website and spoof URLs.

22) Security restrictions bypass (CVE-ID: CVE-2018-6168)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to an error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass CORS in Blink.

23) Security restrictions bypass (CVE-ID: CVE-2018-6169)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to an error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass security restrictions in extension installation.

24) Type confusion (CVE-ID: CVE-2018-6170)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to type confusion in PDFium when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the service to crash.

25) Use-after-free error (CVE-ID: CVE-2018-6171)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to  use-after-free error in WebBluetooth when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the service to crash.

26) Spoofing attack (CVE-ID: CVE-2018-6172)

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists due to an error in Omnibox. A remote attacker can trick the victim into visiting a specially crafted website and spoof URLs.

27) Spoofing attack (CVE-ID: CVE-2018-6173)

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists due to an error in Omnibox. A remote attacker can trick the victim into visiting a specially crafted website and spoof URLs.

28) Integer overflow (CVE-ID: CVE-2018-6174)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to integer overflow in SwiftShader when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the service to crash.

29) Spoofing attack (CVE-ID: CVE-2018-6175)

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists due to an error in Omnibox. A remote attacker can trick the victim into visiting a specially crafted website and spoof URLs.

30) Privilege escalation (CVE-ID: CVE-2018-6176)

The vulnerability allows a local atacaker to gain elevated privileges on the target system.

The weakness exists due to unspecified flaw. A local attacker can use specially crafted extensions and gain elevated privileges in Extensions to conduct further attacks.

31) Memory leak (CVE-ID: CVE-2018-6177)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to cross origin information leak in Blink. A remote attacker can trick the victim into visiting a specially crafted website and gain access to arbitrary data.

32) Spoofing attack (CVE-ID: CVE-2018-6178)

The vulnerability allows a remote attacker to conduct spoofing attack.

The vulnerability exists due to an error in UI. A remote attacker can trick the victim into visiting a specially crafted website and spoof UI in Extensions.

33) Memory leak (CVE-ID: CVE-2018-6179)

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The weakness exists due to local file information leak in Extensions A local attacker can gain access to arbitrary data.

Remediation

Install update from vendor's website.

References