- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 202208-25
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High
    Title: Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities
     Date: August 14, 2022
     Bugs: #828519, #834477, #835397, #836011, #836381, #836777, #838049, #838433, #841371, #843728, #847370, #851003, #853643, #773040, #787950, #800181, #810781, #815397, #829161, #835761, #836830, #847613, #853229, #837497, #838682, #843035, #848864, #851009, #854372
       ID: 202208-25

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======
Multiple vulnerabilities have been found in Chromium and its
derivatives, the worst of which could result in remote code execution.

Background
=========
Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all users to experience the web.

Google Chrome is one fast, simple, and secure browser for all your
devices.

Microsoft Edge is a browser that combines a minimal design with
sophisticated technology to make the web faster, safer, and easier.

Affected packages
================
    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  dev-qt/qtwebengine         < 5.15.5_p20220618>= 5.15.5_p20220618
  2  www-client/chromium        < 103.0.5060.53      >= 103.0.5060.53
  3  www-client/google-chrome   < 103.0.5060.53      >= 103.0.5060.53
  4  www-client/microsoft-edge  < 101.0.1210.47      >= 101.0.1210.47

Description
==========
Multiple vulnerabilities have been discovered in Chromium and its
derivatives. Please review the CVE identifiers referenced below for
details.

Impact
=====
Please review the referenced CVE identifiers for details.

Workaround
=========
There is no known workaround at this time.

Resolution
=========
All Chromium users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-client/chromium-103.0.5060.53"

All Chromium binary users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-client/chromium-bin-103.0.5060.53"

All Google Chrome users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-client/google-chrome-103.0.5060.53"

All Microsoft Edge users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-client/chromium-103.0.5060.53"

All QtWebEngine users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-qt/qtwebengine-5.15.5_p20220618"

References
=========
[ 1 ] CVE-2021-4052
      https://nvd.nist.gov/vuln/detail/CVE-2021-4052
[ 2 ] CVE-2021-4053
      https://nvd.nist.gov/vuln/detail/CVE-2021-4053
[ 3 ] CVE-2021-4054
      https://nvd.nist.gov/vuln/detail/CVE-2021-4054
[ 4 ] CVE-2021-4055
      https://nvd.nist.gov/vuln/detail/CVE-2021-4055
[ 5 ] CVE-2021-4056
      https://nvd.nist.gov/vuln/detail/CVE-2021-4056
[ 6 ] CVE-2021-4057
      https://nvd.nist.gov/vuln/detail/CVE-2021-4057
[ 7 ] CVE-2021-4058
      https://nvd.nist.gov/vuln/detail/CVE-2021-4058
[ 8 ] CVE-2021-4059
      https://nvd.nist.gov/vuln/detail/CVE-2021-4059
[ 9 ] CVE-2021-4061
      https://nvd.nist.gov/vuln/detail/CVE-2021-4061
[ 10 ] CVE-2021-4062
      https://nvd.nist.gov/vuln/detail/CVE-2021-4062
[ 11 ] CVE-2021-4063
      https://nvd.nist.gov/vuln/detail/CVE-2021-4063
[ 12 ] CVE-2021-4064
      https://nvd.nist.gov/vuln/detail/CVE-2021-4064
[ 13 ] CVE-2021-4065
      https://nvd.nist.gov/vuln/detail/CVE-2021-4065
[ 14 ] CVE-2021-4066
      https://nvd.nist.gov/vuln/detail/CVE-2021-4066
[ 15 ] CVE-2021-4067
      https://nvd.nist.gov/vuln/detail/CVE-2021-4067
[ 16 ] CVE-2021-4068
      https://nvd.nist.gov/vuln/detail/CVE-2021-4068
[ 17 ] CVE-2021-4078
      https://nvd.nist.gov/vuln/detail/CVE-2021-4078
[ 18 ] CVE-2021-4079
      https://nvd.nist.gov/vuln/detail/CVE-2021-4079
[ 19 ] CVE-2021-30551
      https://nvd.nist.gov/vuln/detail/CVE-2021-30551
[ 20 ] CVE-2022-0789
      https://nvd.nist.gov/vuln/detail/CVE-2022-0789
[ 21 ] CVE-2022-0790
      https://nvd.nist.gov/vuln/detail/CVE-2022-0790
[ 22 ] CVE-2022-0791
      https://nvd.nist.gov/vuln/detail/CVE-2022-0791
[ 23 ] CVE-2022-0792
      https://nvd.nist.gov/vuln/detail/CVE-2022-0792
[ 24 ] CVE-2022-0793
      https://nvd.nist.gov/vuln/detail/CVE-2022-0793
[ 25 ] CVE-2022-0794
      https://nvd.nist.gov/vuln/detail/CVE-2022-0794
[ 26 ] CVE-2022-0795
      https://nvd.nist.gov/vuln/detail/CVE-2022-0795
[ 27 ] CVE-2022-0796
      https://nvd.nist.gov/vuln/detail/CVE-2022-0796
[ 28 ] CVE-2022-0797
      https://nvd.nist.gov/vuln/detail/CVE-2022-0797
[ 29 ] CVE-2022-0798
      https://nvd.nist.gov/vuln/detail/CVE-2022-0798
[ 30 ] CVE-2022-0799
      https://nvd.nist.gov/vuln/detail/CVE-2022-0799
[ 31 ] CVE-2022-0800
      https://nvd.nist.gov/vuln/detail/CVE-2022-0800
[ 32 ] CVE-2022-0801
      https://nvd.nist.gov/vuln/detail/CVE-2022-0801
[ 33 ] CVE-2022-0802
      https://nvd.nist.gov/vuln/detail/CVE-2022-0802
[ 34 ] CVE-2022-0803
      https://nvd.nist.gov/vuln/detail/CVE-2022-0803
[ 35 ] CVE-2022-0804
      https://nvd.nist.gov/vuln/detail/CVE-2022-0804
[ 36 ] CVE-2022-0805
      https://nvd.nist.gov/vuln/detail/CVE-2022-0805
[ 37 ] CVE-2022-0806
      https://nvd.nist.gov/vuln/detail/CVE-2022-0806
[ 38 ] CVE-2022-0807
      https://nvd.nist.gov/vuln/detail/CVE-2022-0807
[ 39 ] CVE-2022-0808
      https://nvd.nist.gov/vuln/detail/CVE-2022-0808
[ 40 ] CVE-2022-0809
      https://nvd.nist.gov/vuln/detail/CVE-2022-0809
[ 41 ] CVE-2022-0971
      https://nvd.nist.gov/vuln/detail/CVE-2022-0971
[ 42 ] CVE-2022-0972
      https://nvd.nist.gov/vuln/detail/CVE-2022-0972
[ 43 ] CVE-2022-0973
      https://nvd.nist.gov/vuln/detail/CVE-2022-0973
[ 44 ] CVE-2022-0974
      https://nvd.nist.gov/vuln/detail/CVE-2022-0974
[ 45 ] CVE-2022-0975
      https://nvd.nist.gov/vuln/detail/CVE-2022-0975
[ 46 ] CVE-2022-0976
      https://nvd.nist.gov/vuln/detail/CVE-2022-0976
[ 47 ] CVE-2022-0977
      https://nvd.nist.gov/vuln/detail/CVE-2022-0977
[ 48 ] CVE-2022-0978
      https://nvd.nist.gov/vuln/detail/CVE-2022-0978
[ 49 ] CVE-2022-0979
      https://nvd.nist.gov/vuln/detail/CVE-2022-0979
[ 50 ] CVE-2022-0980
      https://nvd.nist.gov/vuln/detail/CVE-2022-0980
[ 51 ] CVE-2022-1096
      https://nvd.nist.gov/vuln/detail/CVE-2022-1096
[ 52 ] CVE-2022-1125
      https://nvd.nist.gov/vuln/detail/CVE-2022-1125
[ 53 ] CVE-2022-1127
      https://nvd.nist.gov/vuln/detail/CVE-2022-1127
[ 54 ] CVE-2022-1128
      https://nvd.nist.gov/vuln/detail/CVE-2022-1128
[ 55 ] CVE-2022-1129
      https://nvd.nist.gov/vuln/detail/CVE-2022-1129
[ 56 ] CVE-2022-1130
      https://nvd.nist.gov/vuln/detail/CVE-2022-1130
[ 57 ] CVE-2022-1131
      https://nvd.nist.gov/vuln/detail/CVE-2022-1131
[ 58 ] CVE-2022-1132
      https://nvd.nist.gov/vuln/detail/CVE-2022-1132
[ 59 ] CVE-2022-1133
      https://nvd.nist.gov/vuln/detail/CVE-2022-1133
[ 60 ] CVE-2022-1134
      https://nvd.nist.gov/vuln/detail/CVE-2022-1134
[ 61 ] CVE-2022-1135
      https://nvd.nist.gov/vuln/detail/CVE-2022-1135
[ 62 ] CVE-2022-1136
      https://nvd.nist.gov/vuln/detail/CVE-2022-1136
[ 63 ] CVE-2022-1137
      https://nvd.nist.gov/vuln/detail/CVE-2022-1137
[ 64 ] CVE-2022-1138
      https://nvd.nist.gov/vuln/detail/CVE-2022-1138
[ 65 ] CVE-2022-1139
      https://nvd.nist.gov/vuln/detail/CVE-2022-1139
[ 66 ] CVE-2022-1141
      https://nvd.nist.gov/vuln/detail/CVE-2022-1141
[ 67 ] CVE-2022-1142
      https://nvd.nist.gov/vuln/detail/CVE-2022-1142
[ 68 ] CVE-2022-1143
      https://nvd.nist.gov/vuln/detail/CVE-2022-1143
[ 69 ] CVE-2022-1144
      https://nvd.nist.gov/vuln/detail/CVE-2022-1144
[ 70 ] CVE-2022-1145
      https://nvd.nist.gov/vuln/detail/CVE-2022-1145
[ 71 ] CVE-2022-1146
      https://nvd.nist.gov/vuln/detail/CVE-2022-1146
[ 72 ] CVE-2022-1232
      https://nvd.nist.gov/vuln/detail/CVE-2022-1232
[ 73 ] CVE-2022-1305
      https://nvd.nist.gov/vuln/detail/CVE-2022-1305
[ 74 ] CVE-2022-1306
      https://nvd.nist.gov/vuln/detail/CVE-2022-1306
[ 75 ] CVE-2022-1307
      https://nvd.nist.gov/vuln/detail/CVE-2022-1307
[ 76 ] CVE-2022-1308
      https://nvd.nist.gov/vuln/detail/CVE-2022-1308
[ 77 ] CVE-2022-1309
      https://nvd.nist.gov/vuln/detail/CVE-2022-1309
[ 78 ] CVE-2022-1310
      https://nvd.nist.gov/vuln/detail/CVE-2022-1310
[ 79 ] CVE-2022-1311
      https://nvd.nist.gov/vuln/detail/CVE-2022-1311
[ 80 ] CVE-2022-1312
      https://nvd.nist.gov/vuln/detail/CVE-2022-1312
[ 81 ] CVE-2022-1313
      https://nvd.nist.gov/vuln/detail/CVE-2022-1313
[ 82 ] CVE-2022-1314
      https://nvd.nist.gov/vuln/detail/CVE-2022-1314
[ 83 ] CVE-2022-1364
      https://nvd.nist.gov/vuln/detail/CVE-2022-1364
[ 84 ] CVE-2022-1477
      https://nvd.nist.gov/vuln/detail/CVE-2022-1477
[ 85 ] CVE-2022-1478
      https://nvd.nist.gov/vuln/detail/CVE-2022-1478
[ 86 ] CVE-2022-1479
      https://nvd.nist.gov/vuln/detail/CVE-2022-1479
[ 87 ] CVE-2022-1480
      https://nvd.nist.gov/vuln/detail/CVE-2022-1480
[ 88 ] CVE-2022-1481
      https://nvd.nist.gov/vuln/detail/CVE-2022-1481
[ 89 ] CVE-2022-1482
      https://nvd.nist.gov/vuln/detail/CVE-2022-1482
[ 90 ] CVE-2022-1483
      https://nvd.nist.gov/vuln/detail/CVE-2022-1483
[ 91 ] CVE-2022-1484
      https://nvd.nist.gov/vuln/detail/CVE-2022-1484
[ 92 ] CVE-2022-1485
      https://nvd.nist.gov/vuln/detail/CVE-2022-1485
[ 93 ] CVE-2022-1486
      https://nvd.nist.gov/vuln/detail/CVE-2022-1486
[ 94 ] CVE-2022-1487
      https://nvd.nist.gov/vuln/detail/CVE-2022-1487
[ 95 ] CVE-2022-1488
      https://nvd.nist.gov/vuln/detail/CVE-2022-1488
[ 96 ] CVE-2022-1489
      https://nvd.nist.gov/vuln/detail/CVE-2022-1489
[ 97 ] CVE-2022-1490
      https://nvd.nist.gov/vuln/detail/CVE-2022-1490
[ 98 ] CVE-2022-1491
      https://nvd.nist.gov/vuln/detail/CVE-2022-1491
[ 99 ] CVE-2022-1492
      https://nvd.nist.gov/vuln/detail/CVE-2022-1492
[ 100 ] CVE-2022-1493
      https://nvd.nist.gov/vuln/detail/CVE-2022-1493
[ 101 ] CVE-2022-1494
      https://nvd.nist.gov/vuln/detail/CVE-2022-1494
[ 102 ] CVE-2022-1495
      https://nvd.nist.gov/vuln/detail/CVE-2022-1495
[ 103 ] CVE-2022-1496
      https://nvd.nist.gov/vuln/detail/CVE-2022-1496
[ 104 ] CVE-2022-1497
      https://nvd.nist.gov/vuln/detail/CVE-2022-1497
[ 105 ] CVE-2022-1498
      https://nvd.nist.gov/vuln/detail/CVE-2022-1498
[ 106 ] CVE-2022-1499
      https://nvd.nist.gov/vuln/detail/CVE-2022-1499
[ 107 ] CVE-2022-1500
      https://nvd.nist.gov/vuln/detail/CVE-2022-1500
[ 108 ] CVE-2022-1501
      https://nvd.nist.gov/vuln/detail/CVE-2022-1501
[ 109 ] CVE-2022-1633
      https://nvd.nist.gov/vuln/detail/CVE-2022-1633
[ 110 ] CVE-2022-1634
      https://nvd.nist.gov/vuln/detail/CVE-2022-1634
[ 111 ] CVE-2022-1635
      https://nvd.nist.gov/vuln/detail/CVE-2022-1635
[ 112 ] CVE-2022-1636
      https://nvd.nist.gov/vuln/detail/CVE-2022-1636
[ 113 ] CVE-2022-1637
      https://nvd.nist.gov/vuln/detail/CVE-2022-1637
[ 114 ] CVE-2022-1639
      https://nvd.nist.gov/vuln/detail/CVE-2022-1639
[ 115 ] CVE-2022-1640
      https://nvd.nist.gov/vuln/detail/CVE-2022-1640
[ 116 ] CVE-2022-1641
      https://nvd.nist.gov/vuln/detail/CVE-2022-1641
[ 117 ] CVE-2022-1853
      https://nvd.nist.gov/vuln/detail/CVE-2022-1853
[ 118 ] CVE-2022-1854
      https://nvd.nist.gov/vuln/detail/CVE-2022-1854
[ 119 ] CVE-2022-1855
      https://nvd.nist.gov/vuln/detail/CVE-2022-1855
[ 120 ] CVE-2022-1856
      https://nvd.nist.gov/vuln/detail/CVE-2022-1856
[ 121 ] CVE-2022-1857
      https://nvd.nist.gov/vuln/detail/CVE-2022-1857
[ 122 ] CVE-2022-1858
      https://nvd.nist.gov/vuln/detail/CVE-2022-1858
[ 123 ] CVE-2022-1859
      https://nvd.nist.gov/vuln/detail/CVE-2022-1859
[ 124 ] CVE-2022-1860
      https://nvd.nist.gov/vuln/detail/CVE-2022-1860
[ 125 ] CVE-2022-1861
      https://nvd.nist.gov/vuln/detail/CVE-2022-1861
[ 126 ] CVE-2022-1862
      https://nvd.nist.gov/vuln/detail/CVE-2022-1862
[ 127 ] CVE-2022-1863
      https://nvd.nist.gov/vuln/detail/CVE-2022-1863
[ 128 ] CVE-2022-1864
      https://nvd.nist.gov/vuln/detail/CVE-2022-1864
[ 129 ] CVE-2022-1865
      https://nvd.nist.gov/vuln/detail/CVE-2022-1865
[ 130 ] CVE-2022-1866
      https://nvd.nist.gov/vuln/detail/CVE-2022-1866
[ 131 ] CVE-2022-1867
      https://nvd.nist.gov/vuln/detail/CVE-2022-1867
[ 132 ] CVE-2022-1868
      https://nvd.nist.gov/vuln/detail/CVE-2022-1868
[ 133 ] CVE-2022-1869
      https://nvd.nist.gov/vuln/detail/CVE-2022-1869
[ 134 ] CVE-2022-1870
      https://nvd.nist.gov/vuln/detail/CVE-2022-1870
[ 135 ] CVE-2022-1871
      https://nvd.nist.gov/vuln/detail/CVE-2022-1871
[ 136 ] CVE-2022-1872
      https://nvd.nist.gov/vuln/detail/CVE-2022-1872
[ 137 ] CVE-2022-1873
      https://nvd.nist.gov/vuln/detail/CVE-2022-1873
[ 138 ] CVE-2022-1874
      https://nvd.nist.gov/vuln/detail/CVE-2022-1874
[ 139 ] CVE-2022-1875
      https://nvd.nist.gov/vuln/detail/CVE-2022-1875
[ 140 ] CVE-2022-1876
      https://nvd.nist.gov/vuln/detail/CVE-2022-1876
[ 141 ] CVE-2022-2007
      https://nvd.nist.gov/vuln/detail/CVE-2022-2007
[ 142 ] CVE-2022-2010
      https://nvd.nist.gov/vuln/detail/CVE-2022-2010
[ 143 ] CVE-2022-2011
      https://nvd.nist.gov/vuln/detail/CVE-2022-2011
[ 144 ] CVE-2022-2156
      https://nvd.nist.gov/vuln/detail/CVE-2022-2156
[ 145 ] CVE-2022-2157
      https://nvd.nist.gov/vuln/detail/CVE-2022-2157
[ 146 ] CVE-2022-2158
      https://nvd.nist.gov/vuln/detail/CVE-2022-2158
[ 147 ] CVE-2022-2160
      https://nvd.nist.gov/vuln/detail/CVE-2022-2160
[ 148 ] CVE-2022-2161
      https://nvd.nist.gov/vuln/detail/CVE-2022-2161
[ 149 ] CVE-2022-2162
      https://nvd.nist.gov/vuln/detail/CVE-2022-2162
[ 150 ] CVE-2022-2163
      https://nvd.nist.gov/vuln/detail/CVE-2022-2163
[ 151 ] CVE-2022-2164
      https://nvd.nist.gov/vuln/detail/CVE-2022-2164
[ 152 ] CVE-2022-2165
      https://nvd.nist.gov/vuln/detail/CVE-2022-2165
[ 153 ] CVE-2022-22021
      https://nvd.nist.gov/vuln/detail/CVE-2022-22021
[ 154 ] CVE-2022-24475
      https://nvd.nist.gov/vuln/detail/CVE-2022-24475
[ 155 ] CVE-2022-24523
      https://nvd.nist.gov/vuln/detail/CVE-2022-24523
[ 156 ] CVE-2022-26891
      https://nvd.nist.gov/vuln/detail/CVE-2022-26891
[ 157 ] CVE-2022-26894
      https://nvd.nist.gov/vuln/detail/CVE-2022-26894
[ 158 ] CVE-2022-26895
      https://nvd.nist.gov/vuln/detail/CVE-2022-26895
[ 159 ] CVE-2022-26900
      https://nvd.nist.gov/vuln/detail/CVE-2022-26900
[ 160 ] CVE-2022-26905
      https://nvd.nist.gov/vuln/detail/CVE-2022-26905
[ 161 ] CVE-2022-26908
      https://nvd.nist.gov/vuln/detail/CVE-2022-26908
[ 162 ] CVE-2022-26909
      https://nvd.nist.gov/vuln/detail/CVE-2022-26909
[ 163 ] CVE-2022-26912
      https://nvd.nist.gov/vuln/detail/CVE-2022-26912
[ 164 ] CVE-2022-29144
      https://nvd.nist.gov/vuln/detail/CVE-2022-29144
[ 165 ] CVE-2022-29146
      https://nvd.nist.gov/vuln/detail/CVE-2022-29146
[ 166 ] CVE-2022-29147
      https://nvd.nist.gov/vuln/detail/CVE-2022-29147
[ 167 ] CVE-2022-30127
      https://nvd.nist.gov/vuln/detail/CVE-2022-30127
[ 168 ] CVE-2022-30128
      https://nvd.nist.gov/vuln/detail/CVE-2022-30128
[ 169 ] CVE-2022-30192
      https://nvd.nist.gov/vuln/detail/CVE-2022-30192
[ 170 ] CVE-2022-33638
      https://nvd.nist.gov/vuln/detail/CVE-2022-33638
[ 171 ] CVE-2022-33639
      https://nvd.nist.gov/vuln/detail/CVE-2022-33639

Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202208-25

Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
======
Copyright 2022 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Gentoo: GLSA-202208-25: Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vul

Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution.

Summary

Multiple vulnerabilities have been discovered in Chromium and its derivatives. Please review the CVE identifiers referenced below for details.

Resolution

All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/chromium-103.0.5060.53"
All Chromium binary users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/chromium-bin-103.0.5060.53"
All Google Chrome users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/google-chrome-103.0.5060.53"
All Microsoft Edge users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/chromium-103.0.5060.53"
All QtWebEngine users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-qt/qtwebengine-5.15.5_p20220618"

References

[ 1 ] CVE-2021-4052 https://nvd.nist.gov/vuln/detail/CVE-2021-4052 [ 2 ] CVE-2021-4053 https://nvd.nist.gov/vuln/detail/CVE-2021-4053 [ 3 ] CVE-2021-4054 https://nvd.nist.gov/vuln/detail/CVE-2021-4054 [ 4 ] CVE-2021-4055 https://nvd.nist.gov/vuln/detail/CVE-2021-4055 [ 5 ] CVE-2021-4056 https://nvd.nist.gov/vuln/detail/CVE-2021-4056 [ 6 ] CVE-2021-4057 https://nvd.nist.gov/vuln/detail/CVE-2021-4057 [ 7 ] CVE-2021-4058 https://nvd.nist.gov/vuln/detail/CVE-2021-4058 [ 8 ] CVE-2021-4059 https://nvd.nist.gov/vuln/detail/CVE-2021-4059 [ 9 ] CVE-2021-4061 https://nvd.nist.gov/vuln/detail/CVE-2021-4061 [ 10 ] CVE-2021-4062 https://nvd.nist.gov/vuln/detail/CVE-2021-4062 [ 11 ] CVE-2021-4063 https://nvd.nist.gov/vuln/detail/CVE-2021-4063 [ 12 ] CVE-2021-4064 https://nvd.nist.gov/vuln/detail/CVE-2021-4064 [ 13 ] CVE-2021-4065 https://nvd.nist.gov/vuln/detail/CVE-2021-4065 [ 14 ] CVE-2021-4066 https://nvd.nist.gov/vuln/detail/CVE-2021-4066 [ 15 ] CVE-2021-4067 https://nvd.nist.gov/vuln/detail/CVE-2021-4067 [ 16 ] CVE-2021-4068 https://nvd.nist.gov/vuln/detail/CVE-2021-4068 [ 17 ] CVE-2021-4078 https://nvd.nist.gov/vuln/detail/CVE-2021-4078 [ 18 ] CVE-2021-4079 https://nvd.nist.gov/vuln/detail/CVE-2021-4079 [ 19 ] CVE-2021-30551 https://nvd.nist.gov/vuln/detail/CVE-2021-30551 [ 20 ] CVE-2022-0789 https://nvd.nist.gov/vuln/detail/CVE-2022-0789 [ 21 ] CVE-2022-0790 https://nvd.nist.gov/vuln/detail/CVE-2022-0790 [ 22 ] CVE-2022-0791 https://nvd.nist.gov/vuln/detail/CVE-2022-0791 [ 23 ] CVE-2022-0792 https://nvd.nist.gov/vuln/detail/CVE-2022-0792 [ 24 ] CVE-2022-0793 https://nvd.nist.gov/vuln/detail/CVE-2022-0793 [ 25 ] CVE-2022-0794 https://nvd.nist.gov/vuln/detail/CVE-2022-0794 [ 26 ] CVE-2022-0795 https://nvd.nist.gov/vuln/detail/CVE-2022-0795 [ 27 ] CVE-2022-0796 https://nvd.nist.gov/vuln/detail/CVE-2022-0796 [ 28 ] CVE-2022-0797 https://nvd.nist.gov/vuln/detail/CVE-2022-0797 [ 29 ] CVE-2022-0798 https://nvd.nist.gov/vuln/detail/CVE-2022-0798 [ 30 ] CVE-2022-0799 https://nvd.nist.gov/vuln/detail/CVE-2022-0799 [ 31 ] CVE-2022-0800 https://nvd.nist.gov/vuln/detail/CVE-2022-0800 [ 32 ] CVE-2022-0801 https://nvd.nist.gov/vuln/detail/CVE-2022-0801 [ 33 ] CVE-2022-0802 https://nvd.nist.gov/vuln/detail/CVE-2022-0802 [ 34 ] CVE-2022-0803 https://nvd.nist.gov/vuln/detail/CVE-2022-0803 [ 35 ] CVE-2022-0804 https://nvd.nist.gov/vuln/detail/CVE-2022-0804 [ 36 ] CVE-2022-0805 https://nvd.nist.gov/vuln/detail/CVE-2022-0805 [ 37 ] CVE-2022-0806 https://nvd.nist.gov/vuln/detail/CVE-2022-0806 [ 38 ] CVE-2022-0807 https://nvd.nist.gov/vuln/detail/CVE-2022-0807 [ 39 ] CVE-2022-0808 https://nvd.nist.gov/vuln/detail/CVE-2022-0808 [ 40 ] CVE-2022-0809 https://nvd.nist.gov/vuln/detail/CVE-2022-0809 [ 41 ] CVE-2022-0971 https://nvd.nist.gov/vuln/detail/CVE-2022-0971 [ 42 ] CVE-2022-0972 https://nvd.nist.gov/vuln/detail/CVE-2022-0972 [ 43 ] CVE-2022-0973 https://nvd.nist.gov/vuln/detail/CVE-2022-0973 [ 44 ] CVE-2022-0974 https://nvd.nist.gov/vuln/detail/CVE-2022-0974 [ 45 ] CVE-2022-0975 https://nvd.nist.gov/vuln/detail/CVE-2022-0975 [ 46 ] CVE-2022-0976 https://nvd.nist.gov/vuln/detail/CVE-2022-0976 [ 47 ] CVE-2022-0977 https://nvd.nist.gov/vuln/detail/CVE-2022-0977 [ 48 ] CVE-2022-0978 https://nvd.nist.gov/vuln/detail/CVE-2022-0978 [ 49 ] CVE-2022-0979 https://nvd.nist.gov/vuln/detail/CVE-2022-0979 [ 50 ] CVE-2022-0980 https://nvd.nist.gov/vuln/detail/CVE-2022-0980 [ 51 ] CVE-2022-1096 https://nvd.nist.gov/vuln/detail/CVE-2022-1096 [ 52 ] CVE-2022-1125 https://nvd.nist.gov/vuln/detail/CVE-2022-1125 [ 53 ] CVE-2022-1127 https://nvd.nist.gov/vuln/detail/CVE-2022-1127 [ 54 ] CVE-2022-1128 https://nvd.nist.gov/vuln/detail/CVE-2022-1128 [ 55 ] CVE-2022-1129 https://nvd.nist.gov/vuln/detail/CVE-2022-1129 [ 56 ] CVE-2022-1130 https://nvd.nist.gov/vuln/detail/CVE-2022-1130 [ 57 ] CVE-2022-1131 https://nvd.nist.gov/vuln/detail/CVE-2022-1131 [ 58 ] CVE-2022-1132 https://nvd.nist.gov/vuln/detail/CVE-2022-1132 [ 59 ] CVE-2022-1133 https://nvd.nist.gov/vuln/detail/CVE-2022-1133 [ 60 ] CVE-2022-1134 https://nvd.nist.gov/vuln/detail/CVE-2022-1134 [ 61 ] CVE-2022-1135 https://nvd.nist.gov/vuln/detail/CVE-2022-1135 [ 62 ] CVE-2022-1136 https://nvd.nist.gov/vuln/detail/CVE-2022-1136 [ 63 ] CVE-2022-1137 https://nvd.nist.gov/vuln/detail/CVE-2022-1137 [ 64 ] CVE-2022-1138 https://nvd.nist.gov/vuln/detail/CVE-2022-1138 [ 65 ] CVE-2022-1139 https://nvd.nist.gov/vuln/detail/CVE-2022-1139 [ 66 ] CVE-2022-1141 https://nvd.nist.gov/vuln/detail/CVE-2022-1141 [ 67 ] CVE-2022-1142 https://nvd.nist.gov/vuln/detail/CVE-2022-1142 [ 68 ] CVE-2022-1143 https://nvd.nist.gov/vuln/detail/CVE-2022-1143 [ 69 ] CVE-2022-1144 https://nvd.nist.gov/vuln/detail/CVE-2022-1144 [ 70 ] CVE-2022-1145 https://nvd.nist.gov/vuln/detail/CVE-2022-1145 [ 71 ] CVE-2022-1146 https://nvd.nist.gov/vuln/detail/CVE-2022-1146 [ 72 ] CVE-2022-1232 https://nvd.nist.gov/vuln/detail/CVE-2022-1232 [ 73 ] CVE-2022-1305 https://nvd.nist.gov/vuln/detail/CVE-2022-1305 [ 74 ] CVE-2022-1306 https://nvd.nist.gov/vuln/detail/CVE-2022-1306 [ 75 ] CVE-2022-1307 https://nvd.nist.gov/vuln/detail/CVE-2022-1307 [ 76 ] CVE-2022-1308 https://nvd.nist.gov/vuln/detail/CVE-2022-1308 [ 77 ] CVE-2022-1309 https://nvd.nist.gov/vuln/detail/CVE-2022-1309 [ 78 ] CVE-2022-1310 https://nvd.nist.gov/vuln/detail/CVE-2022-1310 [ 79 ] CVE-2022-1311 https://nvd.nist.gov/vuln/detail/CVE-2022-1311 [ 80 ] CVE-2022-1312 https://nvd.nist.gov/vuln/detail/CVE-2022-1312 [ 81 ] CVE-2022-1313 https://nvd.nist.gov/vuln/detail/CVE-2022-1313 [ 82 ] CVE-2022-1314 https://nvd.nist.gov/vuln/detail/CVE-2022-1314 [ 83 ] CVE-2022-1364 https://nvd.nist.gov/vuln/detail/CVE-2022-1364 [ 84 ] CVE-2022-1477 https://nvd.nist.gov/vuln/detail/CVE-2022-1477 [ 85 ] CVE-2022-1478 https://nvd.nist.gov/vuln/detail/CVE-2022-1478 [ 86 ] CVE-2022-1479 https://nvd.nist.gov/vuln/detail/CVE-2022-1479 [ 87 ] CVE-2022-1480 https://nvd.nist.gov/vuln/detail/CVE-2022-1480 [ 88 ] CVE-2022-1481 https://nvd.nist.gov/vuln/detail/CVE-2022-1481 [ 89 ] CVE-2022-1482 https://nvd.nist.gov/vuln/detail/CVE-2022-1482 [ 90 ] CVE-2022-1483 https://nvd.nist.gov/vuln/detail/CVE-2022-1483 [ 91 ] CVE-2022-1484 https://nvd.nist.gov/vuln/detail/CVE-2022-1484 [ 92 ] CVE-2022-1485 https://nvd.nist.gov/vuln/detail/CVE-2022-1485 [ 93 ] CVE-2022-1486 https://nvd.nist.gov/vuln/detail/CVE-2022-1486 [ 94 ] CVE-2022-1487 https://nvd.nist.gov/vuln/detail/CVE-2022-1487 [ 95 ] CVE-2022-1488 https://nvd.nist.gov/vuln/detail/CVE-2022-1488 [ 96 ] CVE-2022-1489 https://nvd.nist.gov/vuln/detail/CVE-2022-1489 [ 97 ] CVE-2022-1490 https://nvd.nist.gov/vuln/detail/CVE-2022-1490 [ 98 ] CVE-2022-1491 https://nvd.nist.gov/vuln/detail/CVE-2022-1491 [ 99 ] CVE-2022-1492 https://nvd.nist.gov/vuln/detail/CVE-2022-1492 [ 100 ] CVE-2022-1493 https://nvd.nist.gov/vuln/detail/CVE-2022-1493 [ 101 ] CVE-2022-1494 https://nvd.nist.gov/vuln/detail/CVE-2022-1494 [ 102 ] CVE-2022-1495 https://nvd.nist.gov/vuln/detail/CVE-2022-1495 [ 103 ] CVE-2022-1496 https://nvd.nist.gov/vuln/detail/CVE-2022-1496 [ 104 ] CVE-2022-1497 https://nvd.nist.gov/vuln/detail/CVE-2022-1497 [ 105 ] CVE-2022-1498 https://nvd.nist.gov/vuln/detail/CVE-2022-1498 [ 106 ] CVE-2022-1499 https://nvd.nist.gov/vuln/detail/CVE-2022-1499 [ 107 ] CVE-2022-1500 https://nvd.nist.gov/vuln/detail/CVE-2022-1500 [ 108 ] CVE-2022-1501 https://nvd.nist.gov/vuln/detail/CVE-2022-1501 [ 109 ] CVE-2022-1633 https://nvd.nist.gov/vuln/detail/CVE-2022-1633 [ 110 ] CVE-2022-1634 https://nvd.nist.gov/vuln/detail/CVE-2022-1634 [ 111 ] CVE-2022-1635 https://nvd.nist.gov/vuln/detail/CVE-2022-1635 [ 112 ] CVE-2022-1636 https://nvd.nist.gov/vuln/detail/CVE-2022-1636 [ 113 ] CVE-2022-1637 https://nvd.nist.gov/vuln/detail/CVE-2022-1637 [ 114 ] CVE-2022-1639 https://nvd.nist.gov/vuln/detail/CVE-2022-1639 [ 115 ] CVE-2022-1640 https://nvd.nist.gov/vuln/detail/CVE-2022-1640 [ 116 ] CVE-2022-1641 https://nvd.nist.gov/vuln/detail/CVE-2022-1641 [ 117 ] CVE-2022-1853 https://nvd.nist.gov/vuln/detail/CVE-2022-1853 [ 118 ] CVE-2022-1854 https://nvd.nist.gov/vuln/detail/CVE-2022-1854 [ 119 ] CVE-2022-1855 https://nvd.nist.gov/vuln/detail/CVE-2022-1855 [ 120 ] CVE-2022-1856 https://nvd.nist.gov/vuln/detail/CVE-2022-1856 [ 121 ] CVE-2022-1857 https://nvd.nist.gov/vuln/detail/CVE-2022-1857 [ 122 ] CVE-2022-1858 https://nvd.nist.gov/vuln/detail/CVE-2022-1858 [ 123 ] CVE-2022-1859 https://nvd.nist.gov/vuln/detail/CVE-2022-1859 [ 124 ] CVE-2022-1860 https://nvd.nist.gov/vuln/detail/CVE-2022-1860 [ 125 ] CVE-2022-1861 https://nvd.nist.gov/vuln/detail/CVE-2022-1861 [ 126 ] CVE-2022-1862 https://nvd.nist.gov/vuln/detail/CVE-2022-1862 [ 127 ] CVE-2022-1863 https://nvd.nist.gov/vuln/detail/CVE-2022-1863 [ 128 ] CVE-2022-1864 https://nvd.nist.gov/vuln/detail/CVE-2022-1864 [ 129 ] CVE-2022-1865 https://nvd.nist.gov/vuln/detail/CVE-2022-1865 [ 130 ] CVE-2022-1866 https://nvd.nist.gov/vuln/detail/CVE-2022-1866 [ 131 ] CVE-2022-1867 https://nvd.nist.gov/vuln/detail/CVE-2022-1867 [ 132 ] CVE-2022-1868 https://nvd.nist.gov/vuln/detail/CVE-2022-1868 [ 133 ] CVE-2022-1869 https://nvd.nist.gov/vuln/detail/CVE-2022-1869 [ 134 ] CVE-2022-1870 https://nvd.nist.gov/vuln/detail/CVE-2022-1870 [ 135 ] CVE-2022-1871 https://nvd.nist.gov/vuln/detail/CVE-2022-1871 [ 136 ] CVE-2022-1872 https://nvd.nist.gov/vuln/detail/CVE-2022-1872 [ 137 ] CVE-2022-1873 https://nvd.nist.gov/vuln/detail/CVE-2022-1873 [ 138 ] CVE-2022-1874 https://nvd.nist.gov/vuln/detail/CVE-2022-1874 [ 139 ] CVE-2022-1875 https://nvd.nist.gov/vuln/detail/CVE-2022-1875 [ 140 ] CVE-2022-1876 https://nvd.nist.gov/vuln/detail/CVE-2022-1876 [ 141 ] CVE-2022-2007 https://nvd.nist.gov/vuln/detail/CVE-2022-2007 [ 142 ] CVE-2022-2010 https://nvd.nist.gov/vuln/detail/CVE-2022-2010 [ 143 ] CVE-2022-2011 https://nvd.nist.gov/vuln/detail/CVE-2022-2011 [ 144 ] CVE-2022-2156 https://nvd.nist.gov/vuln/detail/CVE-2022-2156 [ 145 ] CVE-2022-2157 https://nvd.nist.gov/vuln/detail/CVE-2022-2157 [ 146 ] CVE-2022-2158 https://nvd.nist.gov/vuln/detail/CVE-2022-2158 [ 147 ] CVE-2022-2160 https://nvd.nist.gov/vuln/detail/CVE-2022-2160 [ 148 ] CVE-2022-2161 https://nvd.nist.gov/vuln/detail/CVE-2022-2161 [ 149 ] CVE-2022-2162 https://nvd.nist.gov/vuln/detail/CVE-2022-2162 [ 150 ] CVE-2022-2163 https://nvd.nist.gov/vuln/detail/CVE-2022-2163 [ 151 ] CVE-2022-2164 https://nvd.nist.gov/vuln/detail/CVE-2022-2164 [ 152 ] CVE-2022-2165 https://nvd.nist.gov/vuln/detail/CVE-2022-2165 [ 153 ] CVE-2022-22021 https://nvd.nist.gov/vuln/detail/CVE-2022-22021 [ 154 ] CVE-2022-24475 https://nvd.nist.gov/vuln/detail/CVE-2022-24475 [ 155 ] CVE-2022-24523 https://nvd.nist.gov/vuln/detail/CVE-2022-24523 [ 156 ] CVE-2022-26891 https://nvd.nist.gov/vuln/detail/CVE-2022-26891 [ 157 ] CVE-2022-26894 https://nvd.nist.gov/vuln/detail/CVE-2022-26894 [ 158 ] CVE-2022-26895 https://nvd.nist.gov/vuln/detail/CVE-2022-26895 [ 159 ] CVE-2022-26900 https://nvd.nist.gov/vuln/detail/CVE-2022-26900 [ 160 ] CVE-2022-26905 https://nvd.nist.gov/vuln/detail/CVE-2022-26905 [ 161 ] CVE-2022-26908 https://nvd.nist.gov/vuln/detail/CVE-2022-26908 [ 162 ] CVE-2022-26909 https://nvd.nist.gov/vuln/detail/CVE-2022-26909 [ 163 ] CVE-2022-26912 https://nvd.nist.gov/vuln/detail/CVE-2022-26912 [ 164 ] CVE-2022-29144 https://nvd.nist.gov/vuln/detail/CVE-2022-29144 [ 165 ] CVE-2022-29146 https://nvd.nist.gov/vuln/detail/CVE-2022-29146 [ 166 ] CVE-2022-29147 https://nvd.nist.gov/vuln/detail/CVE-2022-29147 [ 167 ] CVE-2022-30127 https://nvd.nist.gov/vuln/detail/CVE-2022-30127 [ 168 ] CVE-2022-30128 https://nvd.nist.gov/vuln/detail/CVE-2022-30128 [ 169 ] CVE-2022-30192 https://nvd.nist.gov/vuln/detail/CVE-2022-30192 [ 170 ] CVE-2022-33638 https://nvd.nist.gov/vuln/detail/CVE-2022-33638 [ 171 ] CVE-2022-33639 https://nvd.nist.gov/vuln/detail/CVE-2022-33639

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202208-25

Concerns

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

Severity
Severity: High
Title: Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities
Date: August 14, 2022
Bugs: #828519, #834477, #835397, #836011, #836381, #836777, #838049, #838433, #841371, #843728, #847370, #851003, #853643, #773040, #787950, #800181, #810781, #815397, #829161, #835761, #836830, #847613, #853229, #837497, #838682, #843035, #848864, #851009, #854372
ID: 202208-25

Synopsis

Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution.

Background

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices.
Microsoft Edge is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier.

Affected Packages

------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-qt/qtwebengine < 5.15.5_p20220618>= 5.15.5_p20220618 2 www-client/chromium < 103.0.5060.53 >= 103.0.5060.53 3 www-client/google-chrome < 103.0.5060.53 >= 103.0.5060.53 4 www-client/microsoft-edge < 101.0.1210.47 >= 101.0.1210.47

Impact

===== Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved