SUSE: CVE-2017-15398: SUSE Linux Security Advisory
|4||(AV:L/AC:M/Au:N/C:P/I:P/A:P)||November 06, 2017||November 07, 2017||November 10, 2017|
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
Chromium is an open-source web browser, powered by WebKit (Blink).
This update upgrades Chromium to version 62.0.3202.89.
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2017-15398, CVE-2017-15399)
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Several vulnerabilities have been discovered in the chromium browser.
Google Chrome Releases reports:
2 security fixes in this release, including:
 Critical CVE-2017-15398: Stack buffer overflow in QUIC.
Reported by Ned Williamson on 2017-10-24
 High CVE-2017-15399: Use after free in V8. Reported by
Zhao Qixun of Qihoo 360 Vulcan Team on 2017-10-20
Free Nexpose Download
Discover, prioritize, and remediate security risks today!