Upstream information

CVE-2024-6291 at MITRE

Description

Use after free in Swiftshader in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

SUSE information

Overall state of this security issue: Analysis

This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.

SUSE Bugzilla entry: 1226933 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Package Hub 15 SP5
  • chromedriver >= 126.0.6478.126-bp155.2.94.1
  • chromium >= 126.0.6478.126-bp155.2.94.1
Patchnames:
openSUSE-2024-204
SUSE Package Hub 15 SP6
  • chromedriver >= 126.0.6478.126-bp156.2.6.1
  • chromium >= 126.0.6478.126-bp156.2.6.1
Patchnames:
openSUSE-2024-204
openSUSE Leap 15.5
  • chromedriver >= 126.0.6478.126-bp155.2.94.1
  • chromium >= 126.0.6478.126-bp155.2.94.1
Patchnames:
openSUSE-2024-204
openSUSE Leap 15.5 NonFree
  • opera >= 112.0.5197.25-lp155.3.54.1
Patchnames:
openSUSE-2024-205
openSUSE Leap 15.6
  • chromedriver >= 126.0.6478.126-bp156.2.6.1
  • chromium >= 126.0.6478.126-bp156.2.6.1
Patchnames:
openSUSE-2024-204
openSUSE Leap 15.6 NonFree
  • opera >= 112.0.5197.25-lp156.2.11.1
Patchnames:
openSUSE-2024-223
openSUSE Tumbleweed
  • chromedriver >= 126.0.6478.126-1.1
  • chromium >= 126.0.6478.126-1.1
  • nodejs-electron >= 30.2.0-1.1
  • nodejs-electron-devel >= 30.2.0-1.1
  • nodejs-electron-doc >= 30.2.0-1.1
Patchnames:
openSUSE-Tumbleweed-2024-14122
openSUSE-Tumbleweed-2024-14193


SUSE Timeline for this CVE

CVE page created: Tue Jun 25 08:30:06 2024
CVE page last modified: Tue Sep 3 19:32:33 2024