Upstream information

CVE-2024-6777 at MITRE

Description

Use after free in Navigation in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)

SUSE information

Overall state of this security issue: Resolved

This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.

SUSE Bugzilla entry: 1227979 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Package Hub 15 SP5
  • chromedriver >= 126.0.6478.182-bp155.2.99.1
  • chromium >= 126.0.6478.182-bp155.2.99.1
Patchnames:
openSUSE-2024-212
SUSE Package Hub 15 SP6
  • chromedriver >= 126.0.6478.182-bp156.2.11.1
  • chromium >= 126.0.6478.182-bp156.2.11.1
Patchnames:
openSUSE-2024-212
openSUSE Leap 15.5
  • chromedriver >= 126.0.6478.182-bp155.2.99.1
  • chromium >= 126.0.6478.182-bp155.2.99.1
Patchnames:
openSUSE-2024-212
openSUSE Leap 15.5 NonFree
  • opera >= 112.0.5197.53-lp155.3.57.1
Patchnames:
openSUSE-2024-252
openSUSE Leap 15.6
  • chromedriver >= 126.0.6478.182-bp156.2.11.1
  • chromium >= 126.0.6478.182-bp156.2.11.1
Patchnames:
openSUSE-2024-212
openSUSE Leap 15.6 NonFree
  • opera >= 112.0.5197.53-lp156.2.14.1
Patchnames:
openSUSE-2024-242
openSUSE Tumbleweed
  • chromedriver >= 126.0.6478.182-1.1
  • chromium >= 126.0.6478.182-1.1
Patchnames:
openSUSE-Tumbleweed-2024-14205


SUSE Timeline for this CVE

CVE page created: Wed Jul 17 09:15:07 2024
CVE page last modified: Tue Sep 3 19:32:35 2024