Skip to main content
Skip table of contents

ISN 2024-11: Chromium Critical Vulnerability

First published 30 April 2024

CVSS 3.1: n/a (critical)

CVSS:3.1 n/a

Summary

Multiple security vulnerabilities have been found in the Chromium web browser used in IGEL OS. This affects the following IGEL products:

  • IGEL OS 12
  • IGEL OS 11

Details

A type confusion in ANGLE, the WebGL component in Chromium, is rated as a critical vulnerability (CVE-2024-4058). In addition, issues rated high exist: An out-of-bounds read in the V8 JavaScript engine API (CVE-2024-4059) and a use-after-free in the WebGPU implementation Dawn (CVE-2024-4060).

Update Instructions

  • OS 12: Update to the OS 12 Chromium app version 124.0.6367.78 or newer when it is available in the IGEL App Portal.
  • OS 11: Update to OS 11.10.100 when it is available (mid-May)

References

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.