Update Info

openSUSE-2026-124


Security update for chromium


Type: security
Severity: important
Issued: 2026-04-12
Description:
This update for chromium fixes the following issues:

Chromium 147.0.7727.55 (boo#1261758):

  * CVE-2026-5858: Heap buffer overflow in WebML
  * CVE-2026-5859: Integer overflow in WebML
  * CVE-2026-5860: Use after free in WebRTC
  * CVE-2026-5861: Use after free in V8
  * CVE-2026-5862: Inappropriate implementation in V8
  * CVE-2026-5863: Inappropriate implementation in V8
  * CVE-2026-5864: Heap buffer overflow in WebAudio
  * CVE-2026-5865: Type Confusion in V8
  * CVE-2026-5866: Use after free in Media
  * CVE-2026-5867: Heap buffer overflow in WebML
  * CVE-2026-5868: Heap buffer overflow in ANGLE
  * CVE-2026-5869: Heap buffer overflow in WebML
  * CVE-2026-5870: Integer overflow in Skia
  * CVE-2026-5871: Type Confusion in V8
  * CVE-2026-5872: Use after free in Blink
  * CVE-2026-5873: Out of bounds read and write in V8
  * CVE-2026-5874: Use after free in PrivateAI
  * CVE-2026-5875: Policy bypass in Blink
  * CVE-2026-5876: Side-channel information leakage in Navigation
  * CVE-2026-5877: Use after free in Navigation
  * CVE-2026-5878: Incorrect security UI in Blink
  * CVE-2026-5879: Insufficient validation of untrusted input in ANGLE
  * CVE-2026-5880: Incorrect security UI in browser UI
  * CVE-2026-5881: Policy bypass in LocalNetworkAccess
  * CVE-2026-5882: Incorrect security UI in Fullscreen
  * CVE-2026-5883: Use after free in Media
  * CVE-2026-5884: Insufficient validation of untrusted input in Media
  * CVE-2026-5885: Insufficient validation of untrusted input in WebML
  * CVE-2026-5886: Out of bounds read in WebAudio
  * CVE-2026-5887: Insufficient validation of untrusted input in Downloads
  * CVE-2026-5888: Uninitialized Use in WebCodecs
  * CVE-2026-5889: Cryptographic Flaw in PDFium
  * CVE-2026-5890: Race in WebCodecs
  * CVE-2026-5891: Insufficient policy enforcement in browser UI
  * CVE-2026-5892: Insufficient policy enforcement in PWAs
  * CVE-2026-5893: Race in V8
  * CVE-2026-5894: Inappropriate implementation in PDF
  * CVE-2026-5895: Incorrect security UI in Omnibox
  * CVE-2026-5896: Policy bypass in Audio
  * CVE-2026-5897: Incorrect security UI in Downloads
  * CVE-2026-5898: Incorrect security UI in Omnibox
  * CVE-2026-5899: Incorrect security UI in History Navigation
  * CVE-2026-5900: Policy bypass in Downloads
  * CVE-2026-5901: Policy bypass in DevTools
  * CVE-2026-5902: Race in Media
  * CVE-2026-5903: Policy bypass in IFrameSandbox
  * CVE-2026-5904: Use after free in V8
  * CVE-2026-5905: Incorrect security UI in Permissions
  * CVE-2026-5906: Incorrect security UI in Omnibox
  * CVE-2026-5907: Insufficient data validation in Media
  * CVE-2026-5908: Integer overflow in Media
  * CVE-2026-5909: Integer overflow in Media
  * CVE-2026-5910: Integer overflow in Media
  * CVE-2026-5911: Policy bypass in ServiceWorkers
  * CVE-2026-5912: Integer overflow in WebRTC
  * CVE-2026-5913: Out of bounds read in Blink
  * CVE-2026-5914: Type Confusion in CSS
  * CVE-2026-5915: Insufficient validation of untrusted input in WebML
  * CVE-2026-5918: Inappropriate implementation in Navigation
  * CVE-2026-5919: Insufficient validation of untrusted input in WebSockets
  * enforce a number of new Local Area Network (LAN) restrictions
  * New Web Printing API
  * vertical tabs support (trial)

- new in 147 (for developers):

  * Element-scoped view transitions expose startViewTransition on arbitrary HTML elements.
  * CSS contrast-color() helps meet accessibility requirements
  * The CSS border-shape property lets you create non-rectangular borders

  * CVE-2025-4096: Heap buffer overflow in HTML
  * CVE-2025-4050: Out of bounds memory access in DevTools
  * CVE-2025-4051: Insufficient data validation in DevTools
  * CVE-2025-4052: Inappropriate implementation in DevTools
  * CVE-2024-7000: Use after free in CSS
  * CVE-2024-3834: Use after free in Downloads
  * CVE-2020-6465: Use after free in reader mode
  * CVE-2020-6466: Use after free in media
  * CVE-2020-6467: Use after free in WebRTC
  * CVE-2020-6468: Type Confusion in V8
  * CVE-2020-6469: Insufficient policy enforcement in developer tools
  * CVE-2020-6470: Insufficient validation of untrusted input in clipboard
  * CVE-2020-6471: Insufficient policy enforcement in developer tools
  * CVE-2020-6472: Insufficient policy enforcement in developer tools
  * CVE-2020-6473: Insufficient policy enforcement in Blink
  * CVE-2020-6474: Use after free in Blink
  * CVE-2020-6475: Incorrect security UI in full screen
  * CVE-2020-6476: Insufficient policy enforcement in tab strip
  * CVE-2020-6477: Inappropriate implementation in installer
  * CVE-2020-6478: Inappropriate implementation in full screen
  * CVE-2020-6479: Inappropriate implementation in sharing
  * CVE-2020-6480: Insufficient policy enforcement in enterprise
  * CVE-2020-6481: Insufficient policy enforcement in URL formatting
  * CVE-2020-6482: Insufficient policy enforcement in developer tools
  * CVE-2020-6483: Insufficient policy enforcement in payments
  * CVE-2020-6484: Insufficient data validation in ChromeDriver
  * CVE-2020-6485: Insufficient data validation in media router
  * CVE-2020-6486: Insufficient policy enforcement in navigations
  * CVE-2020-6487: Insufficient policy enforcement in downloads
  * CVE-2020-6488: Insufficient policy enforcement in downloads
  * CVE-2020-6489: Inappropriate implementation in developer tools
  * CVE-2020-6490: Insufficient data validation in loader
  * CVE-2020-6491: Incorrect security UI in site information
  * CVE-2019-5754: Inappropriate implementation in QUIC Networking
  * CVE-2019-5782: Inappropriate implementation in V8
  * CVE-2019-5755: Inappropriate implementation in V8
  * CVE-2019-5756: Use after free in PDFium
  * CVE-2019-5757: Type Confusion in SVG
  * CVE-2019-5758: Use after free in Blink
  * CVE-2019-5759: Use after free in HTML select elements
  * CVE-2019-5760: Use after free in WebRTC
  * CVE-2019-5761: Use after free in SwiftShader
  * CVE-2019-5762: Use after free in PDFium
  * CVE-2019-5763: Insufficient validation of untrusted input in V8
  * CVE-2019-5764: Use after free in WebRTC
  * CVE-2019-5765: Insufficient policy enforcement in the browser
  * CVE-2019-5766: Insufficient policy enforcement in Canvas
  * CVE-2019-5767: Incorrect security UI in WebAPKs
  * CVE-2019-5768: Insufficient policy enforcement in DevTools
  * CVE-2019-5769: Insufficient validation of untrusted input in Blink
  * CVE-2019-5770: Heap buffer overflow in WebGL
  * CVE-2019-5771: Heap buffer overflow in SwiftShader
  * CVE-2019-5772: Use after free in PDFium
  * CVE-2019-5773: Insufficient data validation in IndexedDB
  * CVE-2019-5774: Insufficient validation of untrusted input in SafeBrowsing
  * CVE-2019-5775: Insufficient policy enforcement in Omnibox
  * CVE-2019-5776: Insufficient policy enforcement in Omnibox
  * CVE-2019-5777: Insufficient policy enforcement in Omnibox
  * CVE-2019-5778: Insufficient policy enforcement in Extensions
  * CVE-2019-5779: Insufficient policy enforcement in ServiceWorker
  * CVE-2019-5780: Insufficient policy enforcement
  * CVE-2019-5781: Insufficient policy enforcement in Omnibox
  * High CVE-2018-6031: Use after free in PDFium
  * High CVE-2018-6032: Same origin bypass in Shared Worker
  * High CVE-2018-6033: Race when opening downloaded files
  * Medium CVE-2018-6034: Integer overflow in Blink
  * Medium CVE-2018-6035: Insufficient isolation of devtools from extensions
  * Medium CVE-2018-6036: Integer underflow in WebAssembly
  * Medium CVE-2018-6037: Insufficient user gesture requirements in autofill
  * Medium CVE-2018-6038: Heap buffer overflow in WebGL
  * Medium CVE-2018-6039: XSS in DevTools
  * Medium CVE-2018-6040: Content security policy bypass
  * Medium CVE-2018-6041: URL spoof in Navigation
  * Medium CVE-2018-6042: URL spoof in OmniBox
  * Medium CVE-2018-6043: Insufficient escaping with external URL handlers
  * Medium CVE-2018-6045: Insufficient isolation of devtools from extensions
  * Medium CVE-2018-6046: Insufficient isolation of devtools from extensions
  * Medium CVE-2018-6047: Cross origin URL leak in WebGL
  * Low CVE-2018-6048: Referrer policy bypass in Blink
  * Low CVE-2017-15420: URL spoofing in Omnibox
  * Low CVE-2018-6049: UI spoof in Permissions
  * Low CVE-2018-6050: URL spoof in OmniBox
  * Low CVE-2018-6051: Referrer leak in XSS Auditor
  * Low CVE-2018-6052: Incomplete no-referrer policy implementation
  * Low CVE-2018-6053: Leak of page thumbnails in New Tab Page
  * Low CVE-2018-6054: Use after free in WebUI
  * CVE-2017-5070: Type confusion in V8
  * CVE-2017-5071: Out of bounds read in V8
  * CVE-2017-5072: Address spoofing in Omnibox
  * CVE-2017-5073: Use after free in print preview
  * CVE-2017-5074: Use after free in Apps Bluetooth
  * CVE-2017-5075: Information leak in CSP reporting
  * CVE-2017-5086: Address spoofing in Omnibox
  * CVE-2017-5076: Address spoofing in Omnibox
  * CVE-2017-5077: Heap buffer overflow in Skia
  * CVE-2017-5078: Possible command injection in mailto handling
  * CVE-2017-5079: UI spoofing in Blink
  * CVE-2017-5080: Use after free in credit card autofill
  * CVE-2017-5081: Extension verification bypass
  * CVE-2017-5082: Insufficient hardening in credit card editor
  * CVE-2017-5083: UI spoofing in Blink
  * CVE-2017-5085: Inappropriate javascript execution on WebUI pages
  * CVE-2016-1663: Use-after-free in Blink's V8 bindings
  * CVE-2013-6643: Unprompted sync with an attacker's
  * Use Google's online spellchecker to identify misspelled words 

              

References


Packages