{"id":"MGASA-2023-0256","summary":"Updated chromium-browser-stable packages fix security vulnerability","details":"The chromium-browser-stable package has been updated to the 116.0.5845.140\nrelease, fixing 5 vulnerabilities.\n\nHigh CVE-2023-4430: Use after free in Vulkan. Reported by Cassidy\nKim(@cassidy6564) on 2023-08-02\n\nHigh CVE-2023-4429: Use after free in Loader. Reported by Anonymous on\n2023-08-03\n\nHigh CVE-2023-4428: Out of bounds memory access in CSS. Reported by\nFrancisco Alonso (@revskills) on 2023-08-06\n\nHigh CVE-2023-4427: Out of bounds memory access in V8. Reported by Sergei\nGlazunov of Google Project Zero on 2023-08-07\n\nMedium CVE-2023-4431: Out of bounds memory access in Fonts. Reported by\nMicrosoft Security Researcher on 2023-08-01\n\nHigh CVE-2023-4572: Use after free in MediaStream. Reported by\nfwnfwn(@_fwnfwn) on 2023-08-12\n","modified":"2026-02-04T02:58:28.662496Z","published":"2023-09-11T13:07:54Z","related":["CVE-2023-4427","CVE-2023-4428","CVE-2023-4429","CVE-2023-4430","CVE-2023-4431","CVE-2023-4572"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2023-0256.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=32193"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2023/08/chrome-desktop-stable-update.html"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_29.html"}],"affected":[{"package":{"name":"chromium-browser-stable","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/chromium-browser-stable?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"116.0.5845.140-1.mga9.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2023-0256.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}