{"id":"MGASA-2022-0307","summary":"Updated chromium-browser-stable packages fix security vulnerability","details":"The chromium-browser-stable package has been updated to the 104.0.5112.101\nbranch, fixing many bugs and 11 CVE. \nGoogle is aware that an exploit for CVE-2022-2856 exists in the wild.\nSome of the addressed CVE are listed below:\nCritical CVE-2022-2852: Use after free in FedCM.\nHigh CVE-2022-2854: Use after free in SwiftShader.\nHigh CVE-2022-2855: Use after free in ANGLE.\nHigh CVE-2022-2857: Use after free in Blink.\nHigh CVE-2022-2858: Use after free in Sign-In Flow.\nHigh CVE-2022-2853: Heap buffer overflow in Downloads.\nHigh CVE-2022-2856: Insufficient validation of untrusted input in Intents.\nMedium CVE-2022-2859: Use after free in Chrome OS Shell.\nMedium CVE-2022-2860: Insufficient policy enforcement in Cookies.\nMedium CVE-2022-2861: Inappropriate implementation in Extensions API.\nVarious fixes from internal audits, fuzzing and other initiatives\n","modified":"2026-02-02T11:05:26.842618Z","published":"2022-08-25T21:21:07Z","related":["CVE-2022-2852","CVE-2022-2853","CVE-2022-2854","CVE-2022-2855","CVE-2022-2856","CVE-2022-2857","CVE-2022-2858","CVE-2022-2859","CVE-2022-2860","CVE-2022-2861"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0307.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30756"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html"},{"type":"REPORT","url":"https://blog.chromium.org/2022/06/chrome-104-beta-new-media-query-syntax.html"}],"affected":[{"package":{"name":"chromium-browser-stable","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/chromium-browser-stable?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"104.0.5112.101-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0307.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}