chromedriver-126.0.6478.182-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:14205-1 Final 1 1 2024-07-19T00:00:00Z current 2024-07-19T00:00:00Z 2024-07-19T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z chromedriver-126.0.6478.182-1.1 on GA media These are all security issues fixed in the chromedriver-126.0.6478.182-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-14205 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2024-6772/ SUSE CVE CVE-2024-6772 page https://www.suse.com/security/cve/CVE-2024-6773/ SUSE CVE CVE-2024-6773 page https://www.suse.com/security/cve/CVE-2024-6774/ SUSE CVE CVE-2024-6774 page https://www.suse.com/security/cve/CVE-2024-6775/ SUSE CVE CVE-2024-6775 page https://www.suse.com/security/cve/CVE-2024-6776/ SUSE CVE CVE-2024-6776 page https://www.suse.com/security/cve/CVE-2024-6777/ SUSE CVE CVE-2024-6777 page https://www.suse.com/security/cve/CVE-2024-6778/ SUSE CVE CVE-2024-6778 page https://www.suse.com/security/cve/CVE-2024-6779/ SUSE CVE CVE-2024-6779 page openSUSE Tumbleweed chromedriver-126.0.6478.182-1.1 chromium-126.0.6478.182-1.1 chromedriver-126.0.6478.182-1.1 as a component of openSUSE Tumbleweed chromium-126.0.6478.182-1.1 as a component of openSUSE Tumbleweed Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) CVE-2024-6772 openSUSE Tumbleweed:chromedriver-126.0.6478.182-1.1 openSUSE Tumbleweed:chromium-126.0.6478.182-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-6772.html CVE-2024-6772 https://bugzilla.suse.com/1227979 SUSE Bug 1227979 Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-6773 openSUSE Tumbleweed:chromedriver-126.0.6478.182-1.1 openSUSE Tumbleweed:chromium-126.0.6478.182-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-6773.html CVE-2024-6773 https://bugzilla.suse.com/1227979 SUSE Bug 1227979 Use after free in Screen Capture in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-6774 openSUSE Tumbleweed:chromedriver-126.0.6478.182-1.1 openSUSE Tumbleweed:chromium-126.0.6478.182-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-6774.html CVE-2024-6774 https://bugzilla.suse.com/1227979 SUSE Bug 1227979 Use after free in Media Stream in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-6775 openSUSE Tumbleweed:chromedriver-126.0.6478.182-1.1 openSUSE Tumbleweed:chromium-126.0.6478.182-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-6775.html CVE-2024-6775 https://bugzilla.suse.com/1227979 SUSE Bug 1227979 Use after free in Audio in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-6776 openSUSE Tumbleweed:chromedriver-126.0.6478.182-1.1 openSUSE Tumbleweed:chromium-126.0.6478.182-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-6776.html CVE-2024-6776 https://bugzilla.suse.com/1227979 SUSE Bug 1227979 Use after free in Navigation in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High) CVE-2024-6777 openSUSE Tumbleweed:chromedriver-126.0.6478.182-1.1 openSUSE Tumbleweed:chromium-126.0.6478.182-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-6777.html CVE-2024-6777 https://bugzilla.suse.com/1227979 SUSE Bug 1227979 Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High) CVE-2024-6778 openSUSE Tumbleweed:chromedriver-126.0.6478.182-1.1 openSUSE Tumbleweed:chromium-126.0.6478.182-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-6778.html CVE-2024-6778 https://bugzilla.suse.com/1227979 SUSE Bug 1227979 Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVE-2024-6779 openSUSE Tumbleweed:chromedriver-126.0.6478.182-1.1 openSUSE Tumbleweed:chromium-126.0.6478.182-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-6779.html CVE-2024-6779 https://bugzilla.suse.com/1227979 SUSE Bug 1227979