Upstream information

CVE-2024-1671 at MITRE

Description

Inappropriate implementation in Site Isolation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having critical severity.

SUSE Bugzilla entry: 1220131 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Package Hub 15 SP5
  • chromedriver >= 122.0.6261.128-bp155.2.75.1
  • chromium >= 122.0.6261.128-bp155.2.75.1
  • clang17 >= 17.0.6-bp155.2.2
  • clang17-devel >= 17.0.6-bp155.2.2
  • clang17-doc >= 17.0.6-bp155.2.2
  • libLLVM17 >= 17.0.6-bp155.2.2
  • libLLVM17-32bit >= 17.0.6-bp155.2.2
  • libLLVM17-64bit >= 17.0.6-bp155.2.2
  • libLTO17 >= 17.0.6-bp155.2.2
  • libclang-cpp17 >= 17.0.6-bp155.2.2
  • libclang-cpp17-32bit >= 17.0.6-bp155.2.2
  • libclang-cpp17-64bit >= 17.0.6-bp155.2.2
  • liblldb17 >= 17.0.6-bp155.2.2
  • libomp17-devel >= 17.0.6-bp155.2.2
  • lld17 >= 17.0.6-bp155.2.2
  • lldb17 >= 17.0.6-bp155.2.2
  • lldb17-devel >= 17.0.6-bp155.2.2
  • llvm17 >= 17.0.6-bp155.2.2
  • llvm17-devel >= 17.0.6-bp155.2.2
  • llvm17-doc >= 17.0.6-bp155.2.2
  • llvm17-gold >= 17.0.6-bp155.2.2
  • llvm17-libc++-devel >= 17.0.6-bp155.2.2
  • llvm17-libc++1 >= 17.0.6-bp155.2.2
  • llvm17-libc++abi-devel >= 17.0.6-bp155.2.2
  • llvm17-libc++abi1 >= 17.0.6-bp155.2.2
  • llvm17-libclang13 >= 17.0.6-bp155.2.2
  • llvm17-opt-viewer >= 17.0.6-bp155.2.2
  • llvm17-polly >= 17.0.6-bp155.2.2
  • llvm17-polly-devel >= 17.0.6-bp155.2.2
  • llvm17-vim-plugins >= 17.0.6-bp155.2.2
  • python3-clang17 >= 17.0.6-bp155.2.2
  • python3-lldb17 >= 17.0.6-bp155.2.2
Patchnames:
openSUSE-2024-84
openSUSE Leap 15.5
  • chromedriver >= 122.0.6261.128-bp155.2.75.1
  • chromium >= 122.0.6261.128-bp155.2.75.1
  • clang17 >= 17.0.6-bp155.2.2
  • clang17-devel >= 17.0.6-bp155.2.2
  • clang17-doc >= 17.0.6-bp155.2.2
  • libLLVM17 >= 17.0.6-bp155.2.2
  • libLLVM17-32bit >= 17.0.6-bp155.2.2
  • libLLVM17-64bit >= 17.0.6-bp155.2.2
  • libLTO17 >= 17.0.6-bp155.2.2
  • libclang-cpp17 >= 17.0.6-bp155.2.2
  • libclang-cpp17-32bit >= 17.0.6-bp155.2.2
  • libclang-cpp17-64bit >= 17.0.6-bp155.2.2
  • liblldb17 >= 17.0.6-bp155.2.2
  • libomp17-devel >= 17.0.6-bp155.2.2
  • lld17 >= 17.0.6-bp155.2.2
  • lldb17 >= 17.0.6-bp155.2.2
  • lldb17-devel >= 17.0.6-bp155.2.2
  • llvm17 >= 17.0.6-bp155.2.2
  • llvm17-devel >= 17.0.6-bp155.2.2
  • llvm17-doc >= 17.0.6-bp155.2.2
  • llvm17-gold >= 17.0.6-bp155.2.2
  • llvm17-libc++-devel >= 17.0.6-bp155.2.2
  • llvm17-libc++1 >= 17.0.6-bp155.2.2
  • llvm17-libc++abi-devel >= 17.0.6-bp155.2.2
  • llvm17-libc++abi1 >= 17.0.6-bp155.2.2
  • llvm17-libclang13 >= 17.0.6-bp155.2.2
  • llvm17-opt-viewer >= 17.0.6-bp155.2.2
  • llvm17-polly >= 17.0.6-bp155.2.2
  • llvm17-polly-devel >= 17.0.6-bp155.2.2
  • llvm17-vim-plugins >= 17.0.6-bp155.2.2
  • python3-clang17 >= 17.0.6-bp155.2.2
  • python3-lldb17 >= 17.0.6-bp155.2.2
Patchnames:
openSUSE-2024-84
openSUSE Tumbleweed
  • chromedriver >= 122.0.6261.111-1.1
  • chromium >= 122.0.6261.111-1.1
  • ungoogled-chromium >= 122.0.6261.111-1.1
  • ungoogled-chromium-chromedriver >= 122.0.6261.111-1.1
Patchnames:
openSUSE-Tumbleweed-2024-13764
openSUSE-Tumbleweed-2024-13766


SUSE Timeline for this CVE

CVE page created: Wed Feb 21 09:30:13 2024
CVE page last modified: Wed Nov 6 11:53:15 2024