chromedriver-97.0.4692.99-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:11761 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z chromedriver-97.0.4692.99-1.1 on GA media These are all security issues fixed in the chromedriver-97.0.4692.99-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-11761 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:11761 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2022-0289/ SUSE CVE CVE-2022-0289 page https://www.suse.com/security/cve/CVE-2022-0290/ SUSE CVE CVE-2022-0290 page https://www.suse.com/security/cve/CVE-2022-0291/ SUSE CVE CVE-2022-0291 page https://www.suse.com/security/cve/CVE-2022-0292/ SUSE CVE CVE-2022-0292 page https://www.suse.com/security/cve/CVE-2022-0293/ SUSE CVE CVE-2022-0293 page https://www.suse.com/security/cve/CVE-2022-0294/ SUSE CVE CVE-2022-0294 page https://www.suse.com/security/cve/CVE-2022-0295/ SUSE CVE CVE-2022-0295 page https://www.suse.com/security/cve/CVE-2022-0296/ SUSE CVE CVE-2022-0296 page https://www.suse.com/security/cve/CVE-2022-0297/ SUSE CVE CVE-2022-0297 page https://www.suse.com/security/cve/CVE-2022-0298/ SUSE CVE CVE-2022-0298 page https://www.suse.com/security/cve/CVE-2022-0300/ SUSE CVE CVE-2022-0300 page https://www.suse.com/security/cve/CVE-2022-0301/ SUSE CVE CVE-2022-0301 page https://www.suse.com/security/cve/CVE-2022-0302/ SUSE CVE CVE-2022-0302 page https://www.suse.com/security/cve/CVE-2022-0303/ SUSE CVE CVE-2022-0303 page https://www.suse.com/security/cve/CVE-2022-0304/ SUSE CVE CVE-2022-0304 page https://www.suse.com/security/cve/CVE-2022-0305/ SUSE CVE CVE-2022-0305 page https://www.suse.com/security/cve/CVE-2022-0306/ SUSE CVE CVE-2022-0306 page https://www.suse.com/security/cve/CVE-2022-0307/ SUSE CVE CVE-2022-0307 page https://www.suse.com/security/cve/CVE-2022-0308/ SUSE CVE CVE-2022-0308 page https://www.suse.com/security/cve/CVE-2022-0309/ SUSE CVE CVE-2022-0309 page https://www.suse.com/security/cve/CVE-2022-0310/ SUSE CVE CVE-2022-0310 page https://www.suse.com/security/cve/CVE-2022-0311/ SUSE CVE CVE-2022-0311 page openSUSE Tumbleweed chromedriver-97.0.4692.99-1.1 chromium-97.0.4692.99-1.1 chromedriver-97.0.4692.99-1.1 as a component of openSUSE Tumbleweed chromium-97.0.4692.99-1.1 as a component of openSUSE Tumbleweed Use after free in Safe browsing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0289 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0289.html CVE-2022-0289 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2022-0290 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0290.html CVE-2022-0290 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Inappropriate implementation in Storage in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. CVE-2022-0291 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0291.html CVE-2022-0291 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Inappropriate implementation in Fenced Frames in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. CVE-2022-0292 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0292.html CVE-2022-0292 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Web packaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0293 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0293.html CVE-2022-0293 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. CVE-2022-0294 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0294.html CVE-2022-0294 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0295 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0295.html CVE-2022-0295 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Printing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0296 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0296.html CVE-2022-0296 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Vulkan in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0297 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0297.html CVE-2022-0297 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Scheduling in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0298 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0298.html CVE-2022-0298 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Text Input Method Editor in Google Chrome on Android prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0300 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0300.html CVE-2022-0300 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Heap buffer overflow in DevTools in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0301 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0301.html CVE-2022-0301 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0302 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0302.html CVE-2022-0302 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2022-0303 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0303.html CVE-2022-0303 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Bookmarks in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0304 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0304.html CVE-2022-0304 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. CVE-2022-0305 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0305.html CVE-2022-0305 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0306 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0306.html CVE-2022-0306 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Optimization Guide in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0307 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0307.html CVE-2022-0307 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0308 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0308.html CVE-2022-0308 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2022-0309 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0309.html CVE-2022-0309 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions. CVE-2022-0310 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0310.html CVE-2022-0310 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0311 openSUSE Tumbleweed:chromedriver-97.0.4692.99-1.1 openSUSE Tumbleweed:chromium-97.0.4692.99-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0311.html CVE-2022-0311 https://bugzilla.suse.com/1194919 SUSE Bug 1194919