Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html | Mailing List Third Party Advisory |
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html | Mailing List Third Party Advisory |
http://packetstormsecurity.com/files/157419/Chrome-ReadableStream-Close-Out-Of-Bounds-Access.html | Third Party Advisory VDB Entry |
https://access.redhat.com/errata/RHSA-2020:0514 | Third Party Advisory |
https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html | Vendor Advisory |
https://crbug.com/1045874 | Exploit Issue Tracking Patch Vendor Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/ | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/ | |
https://security.gentoo.org/glsa/202003-08 | Third Party Advisory |
https://www.debian.org/security/2020/dsa-4638 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
07 Nov 2023, 03:24
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
11 Apr 2022, 19:00
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:* cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* |
|
First Time |
Opensuse backports Sle
Debian debian Linux Fedoraproject Redhat enterprise Linux Desktop Suse Redhat enterprise Linux Server Debian Suse package Hub Suse linux Enterprise Redhat enterprise Linux Workstation Fedoraproject fedora Opensuse Redhat |
|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/ - Mailing List, Third Party Advisory | |
References | (MISC) http://packetstormsecurity.com/files/157419/Chrome-ReadableStream-Close-Out-Of-Bounds-Access.html - Third Party Advisory, VDB Entry | |
References | (GENTOO) https://security.gentoo.org/glsa/202003-08 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0514 - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/ - Mailing List, Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2020/dsa-4638 - Third Party Advisory | |
References | (MISC) https://crbug.com/1045874 - Exploit, Issue Tracking, Patch, Vendor Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html - Mailing List, Third Party Advisory | |
CWE | CWE-787 |
Information
Published : 2020-02-11 15:15
Updated : 2023-12-10 13:13
NVD link : CVE-2020-6390
Mitre link : CVE-2020-6390
CVE.ORG link : CVE-2020-6390
JSON object : View
Products Affected
suse
- package_hub
- linux_enterprise
redhat
- enterprise_linux_server
- enterprise_linux_desktop
- enterprise_linux_workstation
debian
- debian_linux
fedoraproject
- fedora
- chrome
opensuse
- backports_sle
CWE
CWE-787
Out-of-bounds Write