Security Information / 2023 / Security Information -- DSA-5551-1 chromium

Debian Security Advisory

DSA-5551-1 chromium -- security update

Date Reported:

09 Nov 2023

Affected Packages:

chromium

Vulnerable:

Yes

Security database references:

In the Debian bugtracking system: Bug 1033136.
In Mitre's CVE dictionary: CVE-2023-5996.

More information:

An use after free issue was discovered in WebAudio in Google Chrome prior to 119.0.6045.123, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page

For the oldstable distribution (bullseye), this problem has been fixed in version 119.0.6045.123-1~deb11u1.

For the stable distribution (bookworm), this problem has been fixed in version 119.0.6045.123-1~deb12u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium