1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2022-b49c9bc07a

[FEDORA-2022-b49c9bc07a] Fedora 36: chromium

Severity Critical
Affected Packages 1
CVEs 66
Info Packages References Vulnerabilities

Update to chromium-105.0.5195.125. This package only has minor changes... ah,
just kidding. Here is the pile of security issues it fixes: CVE-2022-2007
CVE-2022-2008 CVE-2022-2010 CVE-2022-2011 CVE-2022-2603 CVE-2022-2604
CVE-2022-2605 CVE-2022-2606 CVE-2022-2607 CVE-2022-2608 CVE-2022-2609
CVE-2022-2610 CVE-2022-2611 CVE-2022-2612 CVE-2022-2613 CVE-2022-2614
CVE-2022-2615 CVE-2022-2616 CVE-2022-2617 CVE-2022-2618 CVE-2022-2619
CVE-2022-2620 CVE-2022-2621 CVE-2022-2622 CVE-2022-2623 CVE-2022-2624
CVE-2022-2852 CVE-2022-2854 CVE-2022-2855 CVE-2022-2857 CVE-2022-2858
CVE-2022-2853 CVE-2022-2856 CVE-2022-2859 CVE-2022-2860 CVE-2022-2861
CVE-2022-3038 CVE-2022-3039 CVE-2022-3040 CVE-2022-3041 CVE-2022-3042
CVE-2022-3043 CVE-2022-3044 CVE-2022-3045 CVE-2022-3046 CVE-2022-3071
CVE-2022-3047 CVE-2022-3048 CVE-2022-3049 CVE-2022-3050 CVE-2022-3051
CVE-2022-3052 CVE-2022-3053 CVE-2022-3054 CVE-2022-3055 CVE-2022-3056
CVE-2022-3057 CVE-2022-3058 CVE-2022-3075 CVE-2022-3195 CVE-2022-3196
CVE-2022-3197 CVE-2022-3198 CVE-2022-3199 CVE-2022-3200 CVE-2022-3201

Package Affected Version
pkg:rpm/fedora/chromium?distro=fedora-36 < 105.0.5195.125.2.fc36
ID
FEDORA-2022-b49c9bc07a
Severity
critical
Severity from
CVE-2022-3075
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b49c9bc07a
Published
2022-10-05T01:01:54
(23 months ago)
Modified
2022-10-05T01:01:54
(23 months ago)
Rights
Copyright 2022 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 2126922 Bug #2126922 - CVE-2022-3199 chromium-browser: Use after free in Frames https://bugzilla.redhat.com/show_bug.cgi?id=2126922
Bugzilla 2123673 Bug #2123673 - CVE-2022-3049 chromium-browser: Use after free in SplitScreen https://bugzilla.redhat.com/show_bug.cgi?id=2123673
Bugzilla 2114703 Bug #2114703 - CVE-2022-2613 chromium-browser: Use after free in Input https://bugzilla.redhat.com/show_bug.cgi?id=2114703
Bugzilla 2114696 Bug #2114696 - CVE-2022-2606 chromium-browser: Use after free in Managed devices API https://bugzilla.redhat.com/show_bug.cgi?id=2114696
Bugzilla 2114709 Bug #2114709 - CVE-2022-2619 chromium-browser: Insufficient validation of untrusted input in Settings https://bugzilla.redhat.com/show_bug.cgi?id=2114709
Bugzilla 2114705 Bug #2114705 - CVE-2022-2615 chromium-browser: Insufficient policy enforcement in Cookies https://bugzilla.redhat.com/show_bug.cgi?id=2114705
Bugzilla 2123678 Bug #2123678 - CVE-2022-3054 chromium-browser: Insufficient policy enforcement in DevTools https://bugzilla.redhat.com/show_bug.cgi?id=2123678
Bugzilla 2123680 Bug #2123680 - CVE-2022-3056 chromium-browser: Insufficient policy enforcement in Content Security Policy https://bugzilla.redhat.com/show_bug.cgi?id=2123680
Bugzilla 2118939 Bug #2118939 - CVE-2022-2853 chromium-browser: Heap buffer overflow in Downloads https://bugzilla.redhat.com/show_bug.cgi?id=2118939
Bugzilla 2095757 Bug #2095757 - CVE-2022-2007 chromium-browser: Use after free in WebGPU https://bugzilla.redhat.com/show_bug.cgi?id=2095757
Bugzilla 2114704 Bug #2114704 - CVE-2022-2614 chromium-browser: Use after free in Sign-In Flow https://bugzilla.redhat.com/show_bug.cgi?id=2114704
Bugzilla 2118944 Bug #2118944 - CVE-2022-2861 chromium-browser: Inappropriate implementation in Extensions API https://bugzilla.redhat.com/show_bug.cgi?id=2118944
Bugzilla 2123664 Bug #2123664 - CVE-2022-3041 chromium-browser: Use after free in WebSQL https://bugzilla.redhat.com/show_bug.cgi?id=2123664
Bugzilla 2118935 Bug #2118935 - CVE-2022-2854 chromium-browser: Use after free in SwiftShader https://bugzilla.redhat.com/show_bug.cgi?id=2118935
Bugzilla 2114713 Bug #2114713 - CVE-2022-2623 chromium-browser: Use after free in Offline https://bugzilla.redhat.com/show_bug.cgi?id=2114713
Bugzilla 2126918 Bug #2126918 - CVE-2022-3195 chromium-browser: Out of bounds write in Storage https://bugzilla.redhat.com/show_bug.cgi?id=2126918
Bugzilla 2114702 Bug #2114702 - CVE-2022-2612 chromium-browser: Side-channel information leakage in Keyboard input https://bugzilla.redhat.com/show_bug.cgi?id=2114702
Bugzilla 2123671 Bug #2123671 - CVE-2022-3047 chromium-browser: Insufficient policy enforcement in Extensions API https://bugzilla.redhat.com/show_bug.cgi?id=2123671
Bugzilla 2118943 Bug #2118943 - CVE-2022-2860 chromium-browser: Insufficient policy enforcement in Cookies https://bugzilla.redhat.com/show_bug.cgi?id=2118943
Bugzilla 2114695 Bug #2114695 - CVE-2022-2605 chromium-browser: Out of bounds read in Dawn https://bugzilla.redhat.com/show_bug.cgi?id=2114695
Bugzilla 2126924 Bug #2126924 - CVE-2022-3201 chromium-browser: Insufficient validation of untrusted input in DevTools https://bugzilla.redhat.com/show_bug.cgi?id=2126924
Bugzilla 2118942 Bug #2118942 - CVE-2022-2859 chromium-browser: Use after free in Chrome OS Shell https://bugzilla.redhat.com/show_bug.cgi?id=2118942
Bugzilla 2123681 Bug #2123681 - CVE-2022-3057 chromium-browser: Inappropriate implementation in iframe Sandbox https://bugzilla.redhat.com/show_bug.cgi?id=2123681
Bugzilla 2114710 Bug #2114710 - CVE-2022-2620 chromium-browser: Use after free in WebUI https://bugzilla.redhat.com/show_bug.cgi?id=2114710
Bugzilla 2114694 Bug #2114694 - CVE-2022-2604 chromium-browser: Use after free in Safe Browsing https://bugzilla.redhat.com/show_bug.cgi?id=2114694
Bugzilla 2126923 Bug #2126923 - CVE-2022-3200 chromium-browser: Heap buffer overflow in Internals https://bugzilla.redhat.com/show_bug.cgi?id=2126923
Bugzilla 2123660 Bug #2123660 - CVE-2022-3038 chromium-browser: Use after free in Network Service https://bugzilla.redhat.com/show_bug.cgi?id=2123660
Bugzilla 2123672 Bug #2123672 - CVE-2022-3048 chromium-browser: Inappropriate implementation in Chrome OS lockscreen https://bugzilla.redhat.com/show_bug.cgi?id=2123672
Bugzilla 2114700 Bug #2114700 - CVE-2022-2610 chromium-browser: Insufficient policy enforcement in Background Fetch https://bugzilla.redhat.com/show_bug.cgi?id=2114700
Bugzilla 2123679 Bug #2123679 - CVE-2022-3055 chromium-browser: Use after free in Passwords https://bugzilla.redhat.com/show_bug.cgi?id=2123679
Bugzilla 2114707 Bug #2114707 - CVE-2022-2617 chromium-browser: Use after free in Extensions API https://bugzilla.redhat.com/show_bug.cgi?id=2114707
Bugzilla 2124154 Bug #2124154 - CVE-2022-3075 chromium-browser: Insufficient data validation in Mojo https://bugzilla.redhat.com/show_bug.cgi?id=2124154
Bugzilla 2114706 Bug #2114706 - CVE-2022-2616 chromium-browser: Inappropriate implementation in Extensions API https://bugzilla.redhat.com/show_bug.cgi?id=2114706
Bugzilla 2123669 Bug #2123669 - CVE-2022-3046 chromium-browser: Use after free in Browser Tag https://bugzilla.redhat.com/show_bug.cgi?id=2123669
Bugzilla 2114711 Bug #2114711 - CVE-2022-2621 chromium-browser: Use after free in Extensions https://bugzilla.redhat.com/show_bug.cgi?id=2114711
Bugzilla 2118934 Bug #2118934 - CVE-2022-2852 chromium-browser: Use after free in FedCM https://bugzilla.redhat.com/show_bug.cgi?id=2118934
Bugzilla 2123677 Bug #2123677 - CVE-2022-3053 chromium-browser: Inappropriate implementation in Pointer Lock https://bugzilla.redhat.com/show_bug.cgi?id=2123677
Bugzilla 2123662 Bug #2123662 - CVE-2022-3040 chromium-browser: Use after free in Layout https://bugzilla.redhat.com/show_bug.cgi?id=2123662
Bugzilla 2126919 Bug #2126919 - CVE-2022-3196 chromium-browser: Use after free in PDF https://bugzilla.redhat.com/show_bug.cgi?id=2126919
Bugzilla 2123683 Bug #2123683 - CVE-2022-3058 chromium-browser: Use after free in Sign-In Flow https://bugzilla.redhat.com/show_bug.cgi?id=2123683
Bugzilla 2114714 Bug #2114714 - CVE-2022-2624 chromium-browser: Heap buffer overflow in PDF https://bugzilla.redhat.com/show_bug.cgi?id=2114714
Bugzilla 2118941 Bug #2118941 - CVE-2022-2856 chromium-browser: Insufficient validation of untrusted input in Intents https://bugzilla.redhat.com/show_bug.cgi?id=2118941
Bugzilla 2123675 Bug #2123675 - CVE-2022-3051 chromium-browser: Heap buffer overflow in Exosphere https://bugzilla.redhat.com/show_bug.cgi?id=2123675
Bugzilla 2123670 Bug #2123670 - CVE-2022-3071 chromium-browser: Use after free in Tab Strip https://bugzilla.redhat.com/show_bug.cgi?id=2123670
Bugzilla 2095761 Bug #2095761 - CVE-2022-2011 chromium-browser: Use after free in ANGLE https://bugzilla.redhat.com/show_bug.cgi?id=2095761
Bugzilla 2123674 Bug #2123674 - CVE-2022-3050 chromium-browser: Heap buffer overflow in WebUI https://bugzilla.redhat.com/show_bug.cgi?id=2123674
Bugzilla 2114698 Bug #2114698 - CVE-2022-2608 chromium-browser: Use after free in Overview Mode https://bugzilla.redhat.com/show_bug.cgi?id=2114698
Bugzilla 2114693 Bug #2114693 - CVE-2022-2603 chromium-browser: Use after free in Omnibox https://bugzilla.redhat.com/show_bug.cgi?id=2114693
Bugzilla 2114697 Bug #2114697 - CVE-2022-2607 chromium-browser: Use after free in Tab Strip https://bugzilla.redhat.com/show_bug.cgi?id=2114697
Bugzilla 2114699 Bug #2114699 - CVE-2022-2609 chromium-browser: Use after free in Nearby Share https://bugzilla.redhat.com/show_bug.cgi?id=2114699
Bugzilla 2118936 Bug #2118936 - CVE-2022-2855 chromium-browser: Use after free in ANGLE https://bugzilla.redhat.com/show_bug.cgi?id=2118936
Bugzilla 2095759 Bug #2095759 - CVE-2022-2008 chromium-browser: Out of bounds memory access in WebGL https://bugzilla.redhat.com/show_bug.cgi?id=2095759
Bugzilla 2114712 Bug #2114712 - CVE-2022-2622 chromium-browser: Insufficient validation of untrusted input in Safe Browsing https://bugzilla.redhat.com/show_bug.cgi?id=2114712
Bugzilla 2114708 Bug #2114708 - CVE-2022-2618 chromium-browser: Insufficient validation of untrusted input in Internals https://bugzilla.redhat.com/show_bug.cgi?id=2114708
Bugzilla 2118937 Bug #2118937 - CVE-2022-2857 chromium-browser: Use after free in Blink https://bugzilla.redhat.com/show_bug.cgi?id=2118937
Bugzilla 2126920 Bug #2126920 - CVE-2022-3197 chromium-browser: Use after free in PDF https://bugzilla.redhat.com/show_bug.cgi?id=2126920
Bugzilla 2123666 Bug #2123666 - CVE-2022-3043 chromium-browser: Heap buffer overflow in Screen Capture https://bugzilla.redhat.com/show_bug.cgi?id=2123666
Bugzilla 2095760 Bug #2095760 - CVE-2022-2010 chromium-browser: Out of bounds read in compositing https://bugzilla.redhat.com/show_bug.cgi?id=2095760
Bugzilla 2123667 Bug #2123667 - CVE-2022-3044 chromium-browser: Inappropriate implementation in Site Isolation https://bugzilla.redhat.com/show_bug.cgi?id=2123667
Bugzilla 2123676 Bug #2123676 - CVE-2022-3052 chromium-browser: Heap buffer overflow in Window Manager https://bugzilla.redhat.com/show_bug.cgi?id=2123676
Bugzilla 2126921 Bug #2126921 - CVE-2022-3198 chromium-browser: Use after free in PDF https://bugzilla.redhat.com/show_bug.cgi?id=2126921
Bugzilla 2118938 Bug #2118938 - CVE-2022-2858 chromium-browser: Use after free in Sign-In Flow https://bugzilla.redhat.com/show_bug.cgi?id=2118938
Bugzilla 2123665 Bug #2123665 - CVE-2022-3042 chromium-browser: Use after free in PhoneHub https://bugzilla.redhat.com/show_bug.cgi?id=2123665
Bugzilla 2123668 Bug #2123668 - CVE-2022-3045 chromium-browser: Insufficient validation of untrusted input in V8 https://bugzilla.redhat.com/show_bug.cgi?id=2123668
Bugzilla 2114701 Bug #2114701 - CVE-2022-2611 chromium-browser: Inappropriate implementation in Fullscreen API https://bugzilla.redhat.com/show_bug.cgi?id=2114701
Bugzilla 2123661 Bug #2123661 - CVE-2022-3039 chromium-browser: Use after free in WebSQL https://bugzilla.redhat.com/show_bug.cgi?id=2123661
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/chromium?distro=fedora-36 fedora chromium < 105.0.5195.125.2.fc36 fedora-36
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date