Multiple security vulnerabilities have been found in the Chromium web browser used in IGEL OS. This affects the following IGEL products:
IGEL OS 12
IGEL OS 11
Details
A type confusion in ANGLE, the WebGL component in Chromium, is rated as a critical vulnerability (CVE-2024-4058). In addition, issues rated high exist: An out-of-bounds read in the V8 JavaScript engine API (CVE-2024-4059) and a use-after-free in the WebGPU implementation Dawn (CVE-2024-4060).
Update Instructions
OS 12: Update to the OS 12 Chromium app version 124.0.6367.78 or newer when it is available in the IGEL App Portal.
OS 11: Update to OS 11.10.100 when it is available (mid-May)