{"id":"MGASA-2024-0178","summary":"Updated chromium-browser-stable packages fix security vulnerabilities","details":"The chromium-browser-stable package has been updated to the\n124.0.6367.207 release. It includes 4 security fixes.\nPlease, do note, only x86_64 is supported from now on.\ni586 support for linux was stopped some years ago and the community is\nnot able to provide patches anymore for the latest Chromium code.\nSome of the security fixes are:\n* High CVE-2024-4761: Out of bounds write in V8. Reported by Anonymous\non 2024-05-09\n* High CVE-2024-4671: Use after free in Visuals. Reported by Anonymous\non 2024-05-07\n* High CVE-2024-4558: Use after free in ANGLE. Reported by gelatin\ndessert on 2024-04-29\n* High CVE-2024-4559: Heap buffer overflow in WebAudio. Reported by\nCassidy Kim(@cassidy6564) on 2024-03-2\nGoogle is aware that exploits for CVE-2024-4761 and CVE-2024-4671 exist\nin the wild.\n","modified":"2026-04-16T04:44:42.668414889Z","published":"2024-05-16T17:29:32Z","upstream":["CVE-2024-4558","CVE-2024-4559","CVE-2024-4671","CVE-2024-4761"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2024-0178.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=33213"},{"type":"WEB","url":"https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_13.html"},{"type":"WEB","url":"https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html"},{"type":"WEB","url":"https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html"}],"affected":[{"package":{"name":"chromium-browser-stable","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/chromium-browser-stable?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"124.0.6367.207-1.mga9.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0178.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}