- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202201-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Chromium, Google Chrome: Multiple vulnerabilities
Date: January 31, 2022
Bugs: #803167, #806223, #808715, #811348, #813035, #814221,
#814617, #815673, #816984, #819054, #820689, #824274,
#829190, #830642, #831624
ID: 202201-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
Multiple vulnerabilities have been found in Chromium and Google Chrome,
the worst of which could result in the arbitrary execution of code.
Background
=========
Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all users to experience the web.
Google Chrome is one, fast, simple, and secure browser for all your
devices.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/google-chrome < 97.0.4692.99 >= 97.0.4692.99
2 www-client/chromium < 97.0.4692.99 >= 97.0.4692.99
Description
==========
Multiple vulnerabilities have been discovered in Chromium and Google
Chrome. Please review the CVE identifiers referenced below for details.
Impact
=====
Please review the referenced CVE identifiers for details.
Workaround
=========
There is no known workaround at this time.
Resolution
=========
All Chromium users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose
>=www-client/chromium-97.0.4692.99
All Google Chrome users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose
>=www-client/google-chrome-97.0.4692.99
References
=========
[ 1 ] CVE-2021-30593
https://nvd.nist.gov/vuln/detail/CVE-2021-30593
[ 2 ] CVE-2022-0292
https://nvd.nist.gov/vuln/detail/CVE-2022-0292
[ 3 ] CVE-2022-0118
https://nvd.nist.gov/vuln/detail/CVE-2022-0118
[ 4 ] CVE-2022-0112
https://nvd.nist.gov/vuln/detail/CVE-2022-0112
[ 5 ] CVE-2021-30625
https://nvd.nist.gov/vuln/detail/CVE-2021-30625
[ 6 ] CVE-2021-37975
https://nvd.nist.gov/vuln/detail/CVE-2021-37975
[ 7 ] CVE-2021-38014
https://nvd.nist.gov/vuln/detail/CVE-2021-38014
[ 8 ] CVE-2021-30606
https://nvd.nist.gov/vuln/detail/CVE-2021-30606
[ 9 ] CVE-2021-37989
https://nvd.nist.gov/vuln/detail/CVE-2021-37989
[ 10 ] CVE-2022-0296
https://nvd.nist.gov/vuln/detail/CVE-2022-0296
[ 11 ] CVE-2021-37981
https://nvd.nist.gov/vuln/detail/CVE-2021-37981
[ 12 ] CVE-2022-0310
https://nvd.nist.gov/vuln/detail/CVE-2022-0310
[ 13 ] CVE-2021-37963
https://nvd.nist.gov/vuln/detail/CVE-2021-37963
[ 14 ] CVE-2022-0309
https://nvd.nist.gov/vuln/detail/CVE-2022-0309
[ 15 ] CVE-2021-30584
https://nvd.nist.gov/vuln/detail/CVE-2021-30584
[ 16 ] CVE-2022-0289
https://nvd.nist.gov/vuln/detail/CVE-2022-0289
[ 17 ] CVE-2021-30611
https://nvd.nist.gov/vuln/detail/CVE-2021-30611
[ 18 ] CVE-2021-37965
https://nvd.nist.gov/vuln/detail/CVE-2021-37965
[ 19 ] CVE-2021-38003
https://nvd.nist.gov/vuln/detail/CVE-2021-38003
[ 20 ] CVE-2021-37968
https://nvd.nist.gov/vuln/detail/CVE-2021-37968
[ 21 ] CVE-2022-0305
https://nvd.nist.gov/vuln/detail/CVE-2022-0305
[ 22 ] CVE-2021-30598
https://nvd.nist.gov/vuln/detail/CVE-2021-30598
[ 23 ] CVE-2021-37973
https://nvd.nist.gov/vuln/detail/CVE-2021-37973
[ 24 ] CVE-2022-0295
https://nvd.nist.gov/vuln/detail/CVE-2022-0295
[ 25 ] CVE-2022-0304
https://nvd.nist.gov/vuln/detail/CVE-2022-0304
[ 26 ] CVE-2021-30622
https://nvd.nist.gov/vuln/detail/CVE-2021-30622
[ 27 ] CVE-2021-30591
https://nvd.nist.gov/vuln/detail/CVE-2021-30591
[ 28 ] CVE-2021-37967
https://nvd.nist.gov/vuln/detail/CVE-2021-37967
[ 29 ] CVE-2022-0109
https://nvd.nist.gov/vuln/detail/CVE-2022-0109
[ 30 ] CVE-2021-30609
https://nvd.nist.gov/vuln/detail/CVE-2021-30609
[ 31 ] CVE-2021-37984
https://nvd.nist.gov/vuln/detail/CVE-2021-37984
[ 32 ] CVE-2022-0297
https://nvd.nist.gov/vuln/detail/CVE-2022-0297
[ 33 ] CVE-2021-37959
https://nvd.nist.gov/vuln/detail/CVE-2021-37959
[ 34 ] CVE-2021-30613
https://nvd.nist.gov/vuln/detail/CVE-2021-30613
[ 35 ] CVE-2021-37976
https://nvd.nist.gov/vuln/detail/CVE-2021-37976
[ 36 ] CVE-2021-30603
https://nvd.nist.gov/vuln/detail/CVE-2021-30603
[ 37 ] CVE-2021-37970
https://nvd.nist.gov/vuln/detail/CVE-2021-37970
[ 38 ] CVE-2021-37983
https://nvd.nist.gov/vuln/detail/CVE-2021-37983
[ 39 ] CVE-2021-37992
https://nvd.nist.gov/vuln/detail/CVE-2021-37992
[ 40 ] CVE-2022-0290
https://nvd.nist.gov/vuln/detail/CVE-2022-0290
[ 41 ] CVE-2021-30587
https://nvd.nist.gov/vuln/detail/CVE-2021-30587
[ 42 ] CVE-2021-38016
https://nvd.nist.gov/vuln/detail/CVE-2021-38016
[ 43 ] CVE-2022-0302
https://nvd.nist.gov/vuln/detail/CVE-2022-0302
[ 44 ] CVE-2021-37962
https://nvd.nist.gov/vuln/detail/CVE-2021-37962
[ 45 ] CVE-2021-30599
https://nvd.nist.gov/vuln/detail/CVE-2021-30599
[ 46 ] CVE-2021-30607
https://nvd.nist.gov/vuln/detail/CVE-2021-30607
[ 47 ] CVE-2021-37998
https://nvd.nist.gov/vuln/detail/CVE-2021-37998
[ 48 ] CVE-2021-30602
https://nvd.nist.gov/vuln/detail/CVE-2021-30602
[ 49 ] CVE-2022-0114
https://nvd.nist.gov/vuln/detail/CVE-2022-0114
[ 50 ] CVE-2021-30610
https://nvd.nist.gov/vuln/detail/CVE-2021-30610
[ 51 ] CVE-2021-37990
https://nvd.nist.gov/vuln/detail/CVE-2021-37990
[ 52 ] CVE-2022-0293
https://nvd.nist.gov/vuln/detail/CVE-2022-0293
[ 53 ] CVE-2021-30627
https://nvd.nist.gov/vuln/detail/CVE-2021-30627
[ 54 ] CVE-2021-37994
https://nvd.nist.gov/vuln/detail/CVE-2021-37994
[ 55 ] CVE-2022-0303
https://nvd.nist.gov/vuln/detail/CVE-2022-0303
[ 56 ] CVE-2021-30626
https://nvd.nist.gov/vuln/detail/CVE-2021-30626
[ 57 ] CVE-2021-37988
https://nvd.nist.gov/vuln/detail/CVE-2021-37988
[ 58 ] CVE-2022-0311
https://nvd.nist.gov/vuln/detail/CVE-2022-0311
[ 59 ] CVE-2021-30586
https://nvd.nist.gov/vuln/detail/CVE-2021-30586
[ 60 ] CVE-2021-30624
https://nvd.nist.gov/vuln/detail/CVE-2021-30624
[ 61 ] CVE-2021-37991
https://nvd.nist.gov/vuln/detail/CVE-2021-37991
[ 62 ] CVE-2021-30594
https://nvd.nist.gov/vuln/detail/CVE-2021-30594
[ 63 ] CVE-2021-30616
https://nvd.nist.gov/vuln/detail/CVE-2021-30616
[ 64 ] CVE-2021-37986
https://nvd.nist.gov/vuln/detail/CVE-2021-37986
[ 65 ] CVE-2021-38012
https://nvd.nist.gov/vuln/detail/CVE-2021-38012
[ 66 ] CVE-2022-0298
https://nvd.nist.gov/vuln/detail/CVE-2022-0298
[ 67 ] CVE-2021-37978
https://nvd.nist.gov/vuln/detail/CVE-2021-37978
[ 68 ] CVE-2021-38001
https://nvd.nist.gov/vuln/detail/CVE-2021-38001
[ 69 ] CVE-2022-0110
https://nvd.nist.gov/vuln/detail/CVE-2022-0110
[ 70 ] CVE-2021-38011
https://nvd.nist.gov/vuln/detail/CVE-2021-38011
[ 71 ] CVE-2021-30583
https://nvd.nist.gov/vuln/detail/CVE-2021-30583
[ 72 ] CVE-2022-0306
https://nvd.nist.gov/vuln/detail/CVE-2022-0306
[ 73 ] CVE-2021-38013
https://nvd.nist.gov/vuln/detail/CVE-2021-38013
[ 74 ] CVE-2021-37993
https://nvd.nist.gov/vuln/detail/CVE-2021-37993
[ 75 ] CVE-2021-37979
https://nvd.nist.gov/vuln/detail/CVE-2021-37979
[ 76 ] CVE-2022-0301
https://nvd.nist.gov/vuln/detail/CVE-2022-0301
[ 77 ] CVE-2021-37999
https://nvd.nist.gov/vuln/detail/CVE-2021-37999
[ 78 ] CVE-2021-37977
https://nvd.nist.gov/vuln/detail/CVE-2021-37977
[ 79 ] CVE-2021-37995
https://nvd.nist.gov/vuln/detail/CVE-2021-37995
[ 80 ] CVE-2022-0117
https://nvd.nist.gov/vuln/detail/CVE-2022-0117
[ 81 ] CVE-2021-30592
https://nvd.nist.gov/vuln/detail/CVE-2021-30592
[ 82 ] CVE-2021-38018
https://nvd.nist.gov/vuln/detail/CVE-2021-38018
[ 83 ] CVE-2021-30612
https://nvd.nist.gov/vuln/detail/CVE-2021-30612
[ 84 ] CVE-2021-38006
https://nvd.nist.gov/vuln/detail/CVE-2021-38006
[ 85 ] CVE-2021-37982
https://nvd.nist.gov/vuln/detail/CVE-2021-37982
[ 86 ] CVE-2022-0300
https://nvd.nist.gov/vuln/detail/CVE-2022-0300
[ 87 ] CVE-2022-0113
https://nvd.nist.gov/vuln/detail/CVE-2022-0113
[ 88 ] CVE-2021-37971
https://nvd.nist.gov/vuln/detail/CVE-2021-37971
[ 89 ] CVE-2021-37987
https://nvd.nist.gov/vuln/detail/CVE-2021-37987
[ 90 ] CVE-2022-0308
https://nvd.nist.gov/vuln/detail/CVE-2022-0308
[ 91 ] CVE-2022-0115
https://nvd.nist.gov/vuln/detail/CVE-2022-0115
[ 92 ] CVE-2021-37961
https://nvd.nist.gov/vuln/detail/CVE-2021-37961
[ 93 ] CVE-2022-0111
https://nvd.nist.gov/vuln/detail/CVE-2022-0111
[ 94 ] CVE-2021-30618
https://nvd.nist.gov/vuln/detail/CVE-2021-30618
[ 95 ] CVE-2021-38005
https://nvd.nist.gov/vuln/detail/CVE-2021-38005
[ 96 ] CVE-2021-30600
https://nvd.nist.gov/vuln/detail/CVE-2021-30600
[ 97 ] CVE-2021-30615
https://nvd.nist.gov/vuln/detail/CVE-2021-30615
[ 98 ] CVE-2021-38017
https://nvd.nist.gov/vuln/detail/CVE-2021-38017
[ 99 ] CVE-2022-0291
https://nvd.nist.gov/vuln/detail/CVE-2022-0291
[ 100 ] CVE-2021-30597
https://nvd.nist.gov/vuln/detail/CVE-2021-30597
[ 101 ] CVE-2021-30608
https://nvd.nist.gov/vuln/detail/CVE-2021-30608
[ 102 ] CVE-2022-0294
https://nvd.nist.gov/vuln/detail/CVE-2022-0294
[ 103 ] CVE-2021-30588
https://nvd.nist.gov/vuln/detail/CVE-2021-30588
[ 104 ] CVE-2022-0307
https://nvd.nist.gov/vuln/detail/CVE-2022-0307
[ 105 ] CVE-2021-37966
https://nvd.nist.gov/vuln/detail/CVE-2021-37966
[ 106 ] CVE-2021-30596
https://nvd.nist.gov/vuln/detail/CVE-2021-30596
[ 107 ] CVE-2021-30614
https://nvd.nist.gov/vuln/detail/CVE-2021-30614
[ 108 ] CVE-2021-37960
https://nvd.nist.gov/vuln/detail/CVE-2021-37960
[ 109 ] CVE-2021-30590
https://nvd.nist.gov/vuln/detail/CVE-2021-30590
[ 110 ] CVE-2021-37997
https://nvd.nist.gov/vuln/detail/CVE-2021-37997
[ 111 ] CVE-2021-38007
https://nvd.nist.gov/vuln/detail/CVE-2021-38007
[ 112 ] CVE-2021-30601
https://nvd.nist.gov/vuln/detail/CVE-2021-30601
[ 113 ] CVE-2021-38000
https://nvd.nist.gov/vuln/detail/CVE-2021-38000
[ 114 ] CVE-2021-38008
https://nvd.nist.gov/vuln/detail/CVE-2021-38008
[ 115 ] CVE-2021-30617
https://nvd.nist.gov/vuln/detail/CVE-2021-30617
[ 116 ] CVE-2021-37985
https://nvd.nist.gov/vuln/detail/CVE-2021-37985
[ 117 ] CVE-2022-0116
https://nvd.nist.gov/vuln/detail/CVE-2022-0116
[ 118 ] CVE-2021-30589
https://nvd.nist.gov/vuln/detail/CVE-2021-30589
[ 119 ] CVE-2021-30620
https://nvd.nist.gov/vuln/detail/CVE-2021-30620
[ 120 ] CVE-2021-37974
https://nvd.nist.gov/vuln/detail/CVE-2021-37974
[ 121 ] CVE-2021-38002
https://nvd.nist.gov/vuln/detail/CVE-2021-38002
[ 122 ] CVE-2021-37958
https://nvd.nist.gov/vuln/detail/CVE-2021-37958
[ 123 ] CVE-2021-38015
https://nvd.nist.gov/vuln/detail/CVE-2021-38015
[ 124 ] CVE-2022-0120
https://nvd.nist.gov/vuln/detail/CVE-2022-0120
[ 125 ] CVE-2021-30585
https://nvd.nist.gov/vuln/detail/CVE-2021-30585
[ 126 ] CVE-2021-30604
https://nvd.nist.gov/vuln/detail/CVE-2021-30604
[ 127 ] CVE-2021-30582
https://nvd.nist.gov/vuln/detail/CVE-2021-30582
[ 128 ] CVE-2021-38009
https://nvd.nist.gov/vuln/detail/CVE-2021-38009
[ 129 ] CVE-2021-38010
https://nvd.nist.gov/vuln/detail/CVE-2021-38010
[ 130 ] CVE-2021-37957
https://nvd.nist.gov/vuln/detail/CVE-2021-37957
[ 131 ] CVE-2021-30628
https://nvd.nist.gov/vuln/detail/CVE-2021-30628
[ 132 ] CVE-2021-30572
https://nvd.nist.gov/vuln/detail/CVE-2021-30572
[ 133 ] CVE-2021-38020
https://nvd.nist.gov/vuln/detail/CVE-2021-38020
[ 134 ] CVE-2022-0096
https://nvd.nist.gov/vuln/detail/CVE-2022-0096
[ 135 ] CVE-2021-4099
https://nvd.nist.gov/vuln/detail/CVE-2021-4099
[ 136 ] CVE-2021-30578
https://nvd.nist.gov/vuln/detail/CVE-2021-30578
[ 137 ] CVE-2021-30629
https://nvd.nist.gov/vuln/detail/CVE-2021-30629
[ 138 ] CVE-2021-38021
https://nvd.nist.gov/vuln/detail/CVE-2021-38021
[ 139 ] CVE-2022-0108
https://nvd.nist.gov/vuln/detail/CVE-2022-0108
[ 140 ] CVE-2021-30577
https://nvd.nist.gov/vuln/detail/CVE-2021-30577
[ 141 ] CVE-2021-30569
https://nvd.nist.gov/vuln/detail/CVE-2021-30569
[ 142 ] CVE-2021-37956
https://nvd.nist.gov/vuln/detail/CVE-2021-37956
[ 143 ] CVE-2022-0100
https://nvd.nist.gov/vuln/detail/CVE-2022-0100
[ 144 ] CVE-2021-30579
https://nvd.nist.gov/vuln/detail/CVE-2021-30579
[ 145 ] CVE-2022-0104
https://nvd.nist.gov/vuln/detail/CVE-2022-0104
[ 146 ] CVE-2022-0106
https://nvd.nist.gov/vuln/detail/CVE-2022-0106
[ 147 ] CVE-2022-0103
https://nvd.nist.gov/vuln/detail/CVE-2022-0103
[ 148 ] CVE-2021-4098
https://nvd.nist.gov/vuln/detail/CVE-2021-4098
[ 149 ] CVE-2021-30565
https://nvd.nist.gov/vuln/detail/CVE-2021-30565
[ 150 ] CVE-2021-30573
https://nvd.nist.gov/vuln/detail/CVE-2021-30573
[ 151 ] CVE-2021-4100
https://nvd.nist.gov/vuln/detail/CVE-2021-4100
[ 152 ] CVE-2021-30568
https://nvd.nist.gov/vuln/detail/CVE-2021-30568
[ 153 ] CVE-2022-0102
https://nvd.nist.gov/vuln/detail/CVE-2022-0102
[ 154 ] CVE-2021-30621
https://nvd.nist.gov/vuln/detail/CVE-2021-30621
[ 155 ] CVE-2021-30631
https://nvd.nist.gov/vuln/detail/CVE-2021-30631
[ 156 ] CVE-2022-0098
https://nvd.nist.gov/vuln/detail/CVE-2022-0098
[ 157 ] CVE-2021-38022
https://nvd.nist.gov/vuln/detail/CVE-2021-38022
[ 158 ] CVE-2022-0099
https://nvd.nist.gov/vuln/detail/CVE-2022-0099
[ 159 ] CVE-2021-30566
https://nvd.nist.gov/vuln/detail/CVE-2021-30566
[ 160 ] CVE-2021-37996
https://nvd.nist.gov/vuln/detail/CVE-2021-37996
[ 161 ] CVE-2021-38019
https://nvd.nist.gov/vuln/detail/CVE-2021-38019
[ 162 ] CVE-2021-30575
https://nvd.nist.gov/vuln/detail/CVE-2021-30575
[ 163 ] CVE-2021-30581
https://nvd.nist.gov/vuln/detail/CVE-2021-30581
[ 164 ] CVE-2021-30571
https://nvd.nist.gov/vuln/detail/CVE-2021-30571
[ 165 ] CVE-2021-30633
https://nvd.nist.gov/vuln/detail/CVE-2021-30633
[ 166 ] CVE-2021-4101
https://nvd.nist.gov/vuln/detail/CVE-2021-4101
[ 167 ] CVE-2022-0107
https://nvd.nist.gov/vuln/detail/CVE-2022-0107
[ 168 ] CVE-2021-30632
https://nvd.nist.gov/vuln/detail/CVE-2021-30632
[ 169 ] CVE-2021-30574
https://nvd.nist.gov/vuln/detail/CVE-2021-30574
[ 170 ] CVE-2021-30580
https://nvd.nist.gov/vuln/detail/CVE-2021-30580
[ 171 ] CVE-2022-0101
https://nvd.nist.gov/vuln/detail/CVE-2022-0101
[ 172 ] CVE-2021-4102
https://nvd.nist.gov/vuln/detail/CVE-2021-4102
[ 173 ] CVE-2021-30567
https://nvd.nist.gov/vuln/detail/CVE-2021-30567
[ 174 ] CVE-2022-0105
https://nvd.nist.gov/vuln/detail/CVE-2022-0105
[ 175 ] CVE-2022-0097
https://nvd.nist.gov/vuln/detail/CVE-2022-0097
[ 176 ] CVE-2021-30619
https://nvd.nist.gov/vuln/detail/CVE-2021-30619
[ 177 ] CVE-2021-30576
https://nvd.nist.gov/vuln/detail/CVE-2021-30576
[ 178 ] CVE-2021-30630
https://nvd.nist.gov/vuln/detail/CVE-2021-30630
[ 179 ] CVE-2021-30623
https://nvd.nist.gov/vuln/detail/CVE-2021-30623
Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202201-02
Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
======
Copyright 2022 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5