CVE-2024-2176 Common Vulnerabilities and Exposures

Upstream information

CVE-2024-2176 at MITRE

Description

Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

SUSE information

Overall state of this security issue: Resolved

This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.

SUSE Bugzilla entry: 1221105 [RESOLVED / FIXED]

SUSE Security Advisories:

openSUSE-SU-2024:0084-1, published Mon Mar 18 12:53:41 2024

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Package Hub 15 SP5	`chromedriver >= 122.0.6261.128-bp155.2.75.1` `chromium >= 122.0.6261.128-bp155.2.75.1` `clang17 >= 17.0.6-bp155.2.2` `clang17-devel >= 17.0.6-bp155.2.2` `clang17-doc >= 17.0.6-bp155.2.2` `libLLVM17 >= 17.0.6-bp155.2.2` `libLLVM17-32bit >= 17.0.6-bp155.2.2` `libLLVM17-64bit >= 17.0.6-bp155.2.2` `libLTO17 >= 17.0.6-bp155.2.2` `libclang-cpp17 >= 17.0.6-bp155.2.2` `libclang-cpp17-32bit >= 17.0.6-bp155.2.2` `libclang-cpp17-64bit >= 17.0.6-bp155.2.2` `liblldb17 >= 17.0.6-bp155.2.2` `libomp17-devel >= 17.0.6-bp155.2.2` `lld17 >= 17.0.6-bp155.2.2` `lldb17 >= 17.0.6-bp155.2.2` `lldb17-devel >= 17.0.6-bp155.2.2` `llvm17 >= 17.0.6-bp155.2.2` `llvm17-devel >= 17.0.6-bp155.2.2` `llvm17-doc >= 17.0.6-bp155.2.2` `llvm17-gold >= 17.0.6-bp155.2.2` `llvm17-libc++-devel >= 17.0.6-bp155.2.2` `llvm17-libc++1 >= 17.0.6-bp155.2.2` `llvm17-libc++abi-devel >= 17.0.6-bp155.2.2` `llvm17-libc++abi1 >= 17.0.6-bp155.2.2` `llvm17-libclang13 >= 17.0.6-bp155.2.2` `llvm17-opt-viewer >= 17.0.6-bp155.2.2` `llvm17-polly >= 17.0.6-bp155.2.2` `llvm17-polly-devel >= 17.0.6-bp155.2.2` `llvm17-vim-plugins >= 17.0.6-bp155.2.2` `python3-clang17 >= 17.0.6-bp155.2.2` `python3-lldb17 >= 17.0.6-bp155.2.2`	Patchnames: openSUSE-2024-84
openSUSE Leap 15.5	`chromedriver >= 122.0.6261.128-bp155.2.75.1` `chromium >= 122.0.6261.128-bp155.2.75.1` `clang17 >= 17.0.6-bp155.2.2` `clang17-devel >= 17.0.6-bp155.2.2` `clang17-doc >= 17.0.6-bp155.2.2` `libLLVM17 >= 17.0.6-bp155.2.2` `libLLVM17-32bit >= 17.0.6-bp155.2.2` `libLLVM17-64bit >= 17.0.6-bp155.2.2` `libLTO17 >= 17.0.6-bp155.2.2` `libclang-cpp17 >= 17.0.6-bp155.2.2` `libclang-cpp17-32bit >= 17.0.6-bp155.2.2` `libclang-cpp17-64bit >= 17.0.6-bp155.2.2` `liblldb17 >= 17.0.6-bp155.2.2` `libomp17-devel >= 17.0.6-bp155.2.2` `lld17 >= 17.0.6-bp155.2.2` `lldb17 >= 17.0.6-bp155.2.2` `lldb17-devel >= 17.0.6-bp155.2.2` `llvm17 >= 17.0.6-bp155.2.2` `llvm17-devel >= 17.0.6-bp155.2.2` `llvm17-doc >= 17.0.6-bp155.2.2` `llvm17-gold >= 17.0.6-bp155.2.2` `llvm17-libc++-devel >= 17.0.6-bp155.2.2` `llvm17-libc++1 >= 17.0.6-bp155.2.2` `llvm17-libc++abi-devel >= 17.0.6-bp155.2.2` `llvm17-libc++abi1 >= 17.0.6-bp155.2.2` `llvm17-libclang13 >= 17.0.6-bp155.2.2` `llvm17-opt-viewer >= 17.0.6-bp155.2.2` `llvm17-polly >= 17.0.6-bp155.2.2` `llvm17-polly-devel >= 17.0.6-bp155.2.2` `llvm17-vim-plugins >= 17.0.6-bp155.2.2` `python3-clang17 >= 17.0.6-bp155.2.2` `python3-lldb17 >= 17.0.6-bp155.2.2`	Patchnames: openSUSE-2024-84
openSUSE Tumbleweed	`chromedriver >= 122.0.6261.111-1.1` `chromium >= 122.0.6261.111-1.1` `ungoogled-chromium >= 122.0.6261.111-1.1` `ungoogled-chromium-chromedriver >= 122.0.6261.111-1.1`	Patchnames: openSUSE-Tumbleweed-2024-13764 openSUSE-Tumbleweed-2024-13766

SUSE Timeline for this CVE

CVE page created: Wed Mar 6 21:00:09 2024
CVE page last modified: Tue Sep 3 19:32:16 2024