First published: Thu Sep 13 2018(Updated: )
An out of bounds read flaw was found in the Skia component of the Chromium browser. Upstream bug(s): <a href="https://code.google.com/p/chromium/issues/detail?id=883596">https://code.google.com/p/chromium/issues/detail?id=883596</a> External References: <a href="https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html">https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html</a>
Credit: Tran Tien Hung @hungtt28 Viettel Cyber Security chrome-cve-admin@google.com cve-coordination@google.com
Affected Software | Affected Version | How to fix |
---|---|---|
Mozilla Firefox ESR | <60.7 | 60.7 |
Google Chrome | <73.0.3683.75 | |
Debian Debian Linux | =8.0 | |
Debian Debian Linux | =9.0 | |
Suse Package Hub | ||
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
Canonical Ubuntu Linux | =18.10 | |
Canonical Ubuntu Linux | =19.04 | |
Opensuse Backports | =sle-15 | |
openSUSE Leap | =15.0 | |
openSUSE Leap | =15.1 | |
openSUSE Leap | =42.3 | |
Redhat Enterprise Linux | =6.0 | |
Redhat Enterprise Linux | =7.0 | |
Redhat Enterprise Linux | =8.0 | |
Mozilla Thunderbird | <60.7 | 60.7 |
redhat/chromium-browser | <73.0.3683.75 | 73.0.3683.75 |
Google Chrome | <73.0.3683.75 | 73.0.3683.75 |
ubuntu/chromium-browser | <73.0.3683.75-0ubuntu0.18.04.1 | 73.0.3683.75-0ubuntu0.18.04.1 |
ubuntu/chromium-browser | <73.0.3683.75-0ubuntu0.18.10.1 | 73.0.3683.75-0ubuntu0.18.10.1 |
ubuntu/chromium-browser | <73.0.3683.75-0ubuntu3 | 73.0.3683.75-0ubuntu3 |
ubuntu/chromium-browser | <73.0.3683.75 | 73.0.3683.75 |
ubuntu/chromium-browser | <73.0.3683.75-0ubuntu0.16.04.1 | 73.0.3683.75-0ubuntu0.16.04.1 |
ubuntu/thunderbird | <1:60.7.0+ | 1:60.7.0+ |
ubuntu/thunderbird | <1:60.7.0+ | 1:60.7.0+ |
ubuntu/thunderbird | <1:60.7.0+ | 1:60.7.0+ |
ubuntu/thunderbird | <60.7 | 60.7 |
ubuntu/thunderbird | <1:60.7.0+ | 1:60.7.0+ |
debian/chromium | 90.0.4430.212-1~deb10u1 120.0.6099.224-1~deb11u1 121.0.6167.139-1~deb12u1 124.0.6367.201-1~deb12u1 124.0.6367.118-1 124.0.6367.201-1 | |
debian/firefox-esr | 91.12.0esr-1~deb10u1 115.10.0esr-1~deb10u1 115.7.0esr-1~deb11u1 115.10.0esr-1~deb11u1 115.7.0esr-1~deb12u1 115.10.0esr-1~deb12u1 115.10.0esr-1 | |
debian/thunderbird | 1:91.12.0-1~deb10u1 1:115.10.1-1~deb10u1 1:115.7.0-1~deb11u1 1:115.10.1-1~deb11u1 1:115.7.0-1~deb12u1 1:115.10.1-1~deb12u1 1:115.10.1-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)
CVE-2019-5798 is a vulnerability in the Skia library in Google Chrome that allows a remote attacker to perform an out-of-bounds memory read.
CVE-2019-5798 has a severity rating of 6.5 out of 10.
CVE-2019-5798 affects Google Chrome prior to version 73.0.3683.75.
To fix CVE-2019-5798, update Google Chrome to version 73.0.3683.75 or higher.
You can find more information about CVE-2019-5798 in the following references: [Bugzilla](https://bugzilla.mozilla.org/show_bug.cgi?id=1535518), [Mozilla Advisory](https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/), [SecLists](https://seclists.org/bugtraq/2019/May/67).