Bug 1840893 (CVE-2020-6463) - CVE-2020-6463 chromium-browser: Use after free in ANGLE
Summary: CVE-2020-6463 chromium-browser: Use after free in ANGLE
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2020-6463
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1840896 1860970 1861034 1861035 1861036 1861037 1861038 1861039 1861040 1840895 1840897 1860968 1860969 1860971 1860972 1860973 1860974
Blocks: 1840901
TreeView+ depends on / blocked
 
Reported: 2020-05-27 20:00 UTC by Guilherme de Almeida Suckevicz
Modified: 2020-07-31 03:06 UTC (History)
8 users (show)

Fixed In Version: chromium-browser 81.0.4044.122, firefox 68.11, thunderbird 78.1, thunderbird 68.11
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-05-28 04:20:40 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2020:3229 None None None 2020-07-29 21:11:48 UTC
Red Hat Product Errata RHSA-2020:3233 None None None 2020-07-29 22:37:51 UTC
Red Hat Product Errata RHSA-2020:3241 None None None 2020-07-30 07:37:36 UTC
Red Hat Product Errata RHSA-2020:3253 None None None 2020-07-30 19:32:58 UTC
Red Hat Product Errata RHSA-2020:3254 None None None 2020-07-30 19:25:21 UTC

Description Guilherme de Almeida Suckevicz 2020-05-27 20:00:12 UTC
An use after free flaw was found in the ANGLE component of the Chromium browser.

Upstream bug(s):

https://code.google.com/p/chromium/issues/detail?id=1065186

External References:

https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html

Comment 1 Guilherme de Almeida Suckevicz 2020-05-27 20:01:40 UTC
Created chromium tracking bugs for this issue:

Affects: epel-all [bug 1840897]
Affects: fedora-all [bug 1840896]

Comment 3 Huzaifa S. Sidhpurwala 2020-05-28 04:20:40 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6 Supplementary

Via RHSA-2020:1970 https://access.redhat.com/errata/RHSA-2020:1970

Comment 4 errata-xmlrpc 2020-07-29 21:11:46 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions

Via RHSA-2020:3229 https://access.redhat.com/errata/RHSA-2020:3229

Comment 5 errata-xmlrpc 2020-07-29 22:37:49 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2020:3233 https://access.redhat.com/errata/RHSA-2020:3233

Comment 6 errata-xmlrpc 2020-07-30 07:37:34 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:3241 https://access.redhat.com/errata/RHSA-2020:3241

Comment 7 errata-xmlrpc 2020-07-30 19:25:18 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2020:3254 https://access.redhat.com/errata/RHSA-2020:3254

Comment 8 errata-xmlrpc 2020-07-30 19:32:56 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2020:3253 https://access.redhat.com/errata/RHSA-2020:3253


Note You need to log in before you can comment on or make changes to this bug.