1552485 – (CVE-2018-6068) CVE-2018-6068 chromium-browser: object lifecycle issues in chrome custom tab

Bug 1552485 (CVE-2018-6068) - CVE-2018-6068 chromium-browser: object lifecycle issues in chrome custom tab

Summary: CVE-2018-6068 chromium-browser: object lifecycle issues in chrome custom tab

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2018-6068
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1552510
TreeView+	depends on / blocked

Reported:	2018-03-07 08:29 UTC by Andrej Nemec
Modified:	2021-02-17 00:42 UTC (History)
CC List:	3 users (show)
Fixed In Version:	chromium-browser 65.0.3325.146
Clone Of:
Environment:
Last Closed:	2018-03-12 10:07:54 UTC
Embargoed:

Attachments	(Terms of Use)

Description Andrej Nemec 2018-03-07 08:29:29 UTC

An object lifecycle issues flaw was found in the Chrome Custom Tab component of the Chromium browser.

Upstream bug(s):

https://code.google.com/p/chromium/issues/detail?id=798933

External References:

https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html

Comment 1 Andrej Nemec 2018-03-07 08:34:57 UTC

Created chromium tracking bugs for this issue:

Affects: fedora-all [bug 1552502]
Affects: epel-7 [bug 1552504]

Comment 3 Tomas Hoger 2018-03-12 10:07:54 UTC

Chrome Custom Tab is a feature of the Android version of Chrome, so this issue should not be applicable to Chrome/Chromium versions on other operating systems.

Note You need to log in before you can comment on or make changes to this bug.