Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Debian: Security Advisory for chromium (DSA-4886-1)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update for the 'chromium' package(s) announced via the DSA-4886-1 advisory.
Insight
Insight
Several vulnerabilities have been discovered in the chromium web browser. CVE-2021-21159 Khalil Zhani discovered a buffer overflow issue in the tab implementation. CVE-2021-21160 Marcin Noga discovered a buffer overflow issue in WebAudio. CVE-2021-21161 Khalil Zhani discovered a buffer overflow issue in the tab implementation. CVE-2021-21162 A use-after-free issue was discovered in the WebRTC implementation. CVE-2021-21163 Alison Huffman discovered a data validation issue. CVE-2021-21165 Alison Huffman discovered an error in the audio implementation. CVE-2021-21166 Alison Huffman discovered an error in the audio implementation. CVE-2021-21167 Leecraso and Guang Gong discovered a use-after-free issue in the bookmarks implementation. CVE-2021-21168 Luan Herrera discovered a policy enforcement error in the appcache. CVE-2021-21169 Bohan Liu and Moon Liang discovered an out-of-bounds access issue in the v8 javascript library. CVE-2021-21170 David Erceg discovered a user interface error. CVE-2021-21171 Irvan Kurniawan discovered a user interface error. CVE-2021-21172 Maciej Pulikowski discovered a policy enforcement error in the File System API. CVE-2021-21173 Tom Van Goethem discovered a network based information leak. CVE-2021-21174 Ashish Guatam Kambled discovered an implementation error in the Referrer policy. CVE-2021-21175 Jun Kokatsu discovered an implementation error in the Site Isolation feature. CVE-2021-21176 Luan Herrera discovered an implementation error in the full screen mode. CVE-2021-21177 Abdulrahman Alqabandi discovered a policy enforcement error in the Autofill feature. CVE-2021-21178 Japong discovered an error in the Compositor implementation. CVE-2021-21179 A use-after-free issue was discovered in the networking implementation. CVE-2021-21180 Abdulrahman Alqabandi discovered a use-after-free issue in the tab search feature. CVE-2021-21181 Xu Lin, Panagiotis Ilias, and Jason Polakis discovered a side-channel information leak in the Autofill feature. CVE-2021-21182 Luan Herrera discovered a policy enforcement error in the site navigation implementation. CVE-2021-21183 Takashi Yoneuchi discovered an implementation error in the Performance API. CVE-2021-21184 James Hartig discovered an implementation error in the Performance API. CVE-2021-21185 David Erceg discovered a policy enforcement error in Extensions. CVE-2021-21186 dhirajkumarnifty discovered a policy enforcement error in the QR scan implementation. CVE-2021-21187 Kirtikumar Anandrao Ramchandani discovered a data validation error in URL formatting. CVE-2021-21188 Woojin Oh discovered a ... Description truncated. Please see the references for more information.
Affected Software
Affected Software
'chromium' package(s) on Debian Linux.
Detection Method
Detection Method
Checks if a vulnerable package version is present on the target host.
Solution
Solution
For the stable distribution (buster), these problems have been fixed in version 89.0.4389.114-1~deb10u1. We recommend that you upgrade your chromium packages.
Common Vulnerabilities and Exposures (CVE)
- CVE-2021-21159
- CVE-2021-21160
- CVE-2021-21161
- CVE-2021-21162
- CVE-2021-21163
- CVE-2021-21165
- CVE-2021-21166
- CVE-2021-21167
- CVE-2021-21168
- CVE-2021-21169
- CVE-2021-21170
- CVE-2021-21171
- CVE-2021-21172
- CVE-2021-21173
- CVE-2021-21174
- CVE-2021-21175
- CVE-2021-21176
- CVE-2021-21177
- CVE-2021-21178
- CVE-2021-21179
- CVE-2021-21180
- CVE-2021-21181
- CVE-2021-21182
- CVE-2021-21183
- CVE-2021-21184
- CVE-2021-21185
- CVE-2021-21186
- CVE-2021-21187
- CVE-2021-21188
- CVE-2021-21189
- CVE-2021-21190
- CVE-2021-21191
- CVE-2021-21192
- CVE-2021-21193
- CVE-2021-21194
- CVE-2021-21195
- CVE-2021-21196
- CVE-2021-21197
- CVE-2021-21198
- CVE-2021-21199