SUSE Package Hub - openSUSE-2026-175

Update Info

openSUSE-2026-175

Security update for chromium

Type: security

Severity: critical

Issued: 2026-05-22

Description:

This update for chromium fixes the following issues:

- Chromium 148.0.7778.178 (boo#1265848)
  * CVE-2026-9111: Use after free in WebRTC
  * CVE-2026-9110: Inappropriate implementation in UI
  * CVE-2026-9112: Use after free in GPU
  * CVE-2026-9113: Out of bounds read in GPU
  * CVE-2026-9114: Use after free in QUIC
  * CVE-2026-9115: Insufficient policy enforcement in Service Worker
  * CVE-2026-9116: Insufficient policy enforcement in ServiceWorker
  * CVE-2026-9117: Type Confusion in GFX
  * CVE-2026-9118: Use after free in XR
  * CVE-2026-9119: Heap buffer overflow in WebRTC
  * CVE-2026-9120: Use after free in WebRTC
  * CVE-2026-9126: Use after free in DOM
  * CVE-2026-9121: Out of bounds read in GPU
  * CVE-2026-9122: Out of bounds read in GPU
  * CVE-2026-9123: Heap buffer overflow in Chromecast
  * CVE-2026-9124: Insufficient validation of untrusted input in Input

- add system-wide chromium.conf as in fedora package
  enable several features by default and disable ai features
  allow to override via setting CHROMIUM_USER_FLAGS

References

CVE: CVE-2026-9126
CVE: CVE-2026-9124
CVE: CVE-2026-9123
CVE: CVE-2026-9122
CVE: CVE-2026-9121
CVE: CVE-2026-9120
CVE: CVE-2026-9119
CVE: CVE-2026-9118
CVE: CVE-2026-9117
CVE: CVE-2026-9116
CVE: CVE-2026-9115
CVE: CVE-2026-9114
CVE: CVE-2026-9113
CVE: CVE-2026-9112
CVE: CVE-2026-9111
CVE: CVE-2026-9110
Bugzilla: 1265848 VUL-0: chromium: security fixes in 148.0.7778.178

Update Info

openSUSE-2026-175

Security update for chromium

References

Packages