A request privilege escalation flaw was found in the Extensions component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=797461 External References: https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html
Created chromium tracking bugs for this issue: Affects: epel-7 [bug 1608211] Affects: fedora-all [bug 1608210]
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Supplementary Via RHSA-2018:2282 https://access.redhat.com/errata/RHSA-2018:2282
Looks like the alias might be wrong. According to the linked bug page the correct CVE is CVE-2018-16064 not CVE-2018-6044. This is confirmed by the NVD page https://nvd.nist.gov/vuln/detail/CVE-2018-16064. It appears the Chrome release note just mentioned the wrong CVE id.
(In reply to Nicholas Luedtke from comment #4) > Looks like the alias might be wrong. According to the linked bug page the > correct CVE is CVE-2018-16064 not CVE-2018-6044. This is confirmed by the > NVD page https://nvd.nist.gov/vuln/detail/CVE-2018-16064. > > It appears the Chrome release note just mentioned the wrong CVE id. Thanks for the info. CVE ID changed from CVE-2018-6044 to CVE-2018-16064.