Vulnerability CVE-2020-15999: Information

Description

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2020-15999
Published: Nov. 3, 2020
Modified: Feb. 15, 2024
Error type identifier: CWE-787

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
chromiumsisyphus86.0.4240.111-alt1124.0.6367.207-alt1ALT-PU-2020-3123-1260343Fixed
chromiump1086.0.4240.111-alt1119.0.6045.159-alt0.p10.1ALT-PU-2020-3123-1260343Fixed
chromiump987.0.4280.141-alt0.1.p997.0.4692.99-alt0.p9.1ALT-PU-2021-1157-1264552Fixed
chromiumc10f186.0.4240.111-alt1110.0.5481.177-alt1.p10.1ALT-PU-2020-3123-1260343Fixed
chromium-gostsisyphus86.0.4240.111-alt1124.0.6367.78-alt1ALT-PU-2020-3144-1260537Fixed
chromium-gostp1086.0.4240.111-alt1110.0.5481.177-alt1.p10.1ALT-PU-2020-3144-1260537Fixed
chromium-gostp988.0.4324.96-alt0.1.p996.0.4664.45-alt2.p9.1ALT-PU-2021-1210-1265329Fixed
chromium-gostc10f186.0.4240.111-alt1110.0.5481.177-alt1.p10.1ALT-PU-2020-3144-1260537Fixed
chromium-gostc9f288.0.4324.150-alt0.1.c996.0.4664.45-alt2.c9.1ALT-PU-2021-1379-1265372Fixed
firefoxsisyphus83.0-alt1126.0-alt2ALT-PU-2020-3384-1261953Fixed
firefoxp1083.0-alt1118.0.2-alt0.p10.1ALT-PU-2020-3384-1261953Fixed
firefoxc10f183.0-alt1112.0.2-alt0.p10.1ALT-PU-2020-3384-1261953Fixed
firefoxc9f293.0-alt0.p9.1105.0.1-alt0.c9.1ALT-PU-2021-3368-1288792Fixed
firefox-esrsisyphus78.5.0-alt1115.11.0-alt1ALT-PU-2020-3340-1261946Fixed
firefox-esrp1078.5.0-alt1115.10.0-alt1ALT-PU-2020-3340-1261946Fixed
firefox-esrp978.5.0-alt0.1.p9102.11.0-alt0.c9.1ALT-PU-2020-3379-1261955Fixed
firefox-esrc10f178.5.0-alt1115.9.1-alt0.c10.1ALT-PU-2020-3340-1261946Fixed
firefox-esrc9f278.7.1-alt0.1.c9102.12.0-alt0.c9.1ALT-PU-2021-1368-1264611Fixed
libfreetypesisyphus2.10.4-alt12.13.2-alt1ALT-PU-2020-3093-1260149Fixed
libfreetypep102.10.4-alt12.11.0-alt1ALT-PU-2020-3093-1260149Fixed
libfreetypep92.10.1-alt1.1.p9.12.10.1-alt1.1.p9.1ALT-PU-2020-3160-1260179Fixed
libfreetypec10f12.10.4-alt12.11.0-alt1ALT-PU-2020-3093-1260149Fixed
libfreetypec9f22.10.1-alt1.1.p9.12.10.1-alt1.1.p9.1ALT-PU-2020-3165-1260636Fixed
thunderbirdsisyphus78.5.0-alt1115.9.0-alt1ALT-PU-2020-3386-1262148Fixed
thunderbirdp1078.5.0-alt1115.9.0-alt1ALT-PU-2020-3386-1262148Fixed
thunderbirdp978.5.0-alt0.1.p9102.11.0-alt0.c9.1ALT-PU-2020-3424-1262218Fixed
thunderbirdc10f178.5.0-alt1115.9.0-alt0.c10.1ALT-PU-2020-3386-1262148Fixed
thunderbirdc9f278.7.0-alt0.1.c9102.11.0-alt0.c9.1ALT-PU-2021-1369-1264611Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html
  • Third Party Advisory
https://crbug.com/1139963
  • Exploit
  • Issue Tracking
  • Third Party Advisory
openSUSE-SU-2020:1829
  • Mailing List
  • Third Party Advisory
GLSA-202011-12
  • Third Party Advisory
20201118 TCMalloc viewer/dumper - TCMalloc Inspector Tool
  • Mailing List
  • Not Applicable
  • Third Party Advisory
GLSA-202012-04
  • Third Party Advisory
DSA-4824
  • Third Party Advisory
https://googleprojectzero.blogspot.com/p/rca-cve-2020-15999.html
  • Exploit
  • Third Party Advisory
FEDORA-2020-6b35849edd
    GLSA-202401-19

        1. Configuration 1

          cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
          End excliding
          86.0.4240.111

          Configuration 2

          cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*
          Start including
          2.6.0
          End excliding
          2.10.4

          Configuration 3

          cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

          Configuration 4

          cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*

          Configuration 5

          cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*
      VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
      Version: v24.5.1
      Back to top