CVE-2020-6546

CVE-2020-6546, security advisory, suse linux, suse, security, cve

CVE-2020-6546

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2020-6546 at MITRE

Description

Inappropriate implementation in installer in Google Chrome prior to 84.0.4147.125 allowed a local attacker to potentially elevate privilege via a crafted filesystem.

---

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores

	National Vulnerability Database
Base Score	4.6
Vector	AV:L/AC:L/Au:N/C:P/I:P/A:P
Access Vector	Local
Access Complexity	Low
Authentication	None
Confidentiality Impact	Partial
Integrity Impact	Partial
Availability Impact	Partial

CVSS v3 Scores

	National Vulnerability Database
Base Score	7.8
Vector	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector	Local
Attack Complexity	Low
Privileges Required	Low
User Interaction	None
Scope	Unchanged
Confidentiality Impact	High
Integrity Impact	High
Availability Impact	High
CVSSv3 Version	3.1

SUSE Bugzilla entry: 1175085 [RESOLVED / FIXED]

SUSE Security Advisories:

• openSUSE-SU-2020:1206-1, published Thu Dec 7 12:55:40 2023
• openSUSE-SU-2020:1214-1, published Thu Dec 7 12:55:40 2023
• openSUSE-SU-2020:1215-1, published Thu Dec 7 12:55:40 2023
• openSUSE-SU-2020:1320-1, published Thu Dec 7 12:55:40 2023
• openSUSE-SU-2020:1324-1, published Thu Dec 7 12:55:40 2023

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Package Hub 15 SP1	chromedriver >= 84.0.4147.125-bp151.3.100.1 chromium >= 84.0.4147.125-bp151.3.100.1	Patchnames: openSUSE-2020-1214
SUSE Package Hub 15 SP2	chromedriver >= 84.0.4147.125-bp152.2.13.1 chromium >= 84.0.4147.125-bp152.2.13.1	Patchnames: openSUSE-2020-1215
openSUSE Leap 15.1	chromedriver >= 84.0.4147.125-lp151.2.115.1 chromium >= 84.0.4147.125-lp151.2.115.1	Patchnames: openSUSE-2020-1206
openSUSE Leap 15.1 NonFree	opera >= 70.0.3728.133-lp151.2.27.1	Patchnames: openSUSE-2020-1320
openSUSE Leap 15.2	chromedriver >= 84.0.4147.125-lp152.2.12.2 chromium >= 84.0.4147.125-lp152.2.12.2	Patchnames: openSUSE-2020-1206
openSUSE Leap 15.2 NonFree	opera >= 70.0.3728.133-lp152.2.15.1	Patchnames: openSUSE-2020-1324
openSUSE Leap 15.3	chromium >= 90.0.4430.212-bp153.1.1	Patchnames: openSUSE Leap 15.3 GA chromium-90.0.4430.212-bp153.1.1
openSUSE Leap 15.4	chromium >= 101.0.4951.64-bp154.1.2	Patchnames: openSUSE Leap 15.4 GA chromium-101.0.4951.64-bp154.1.2
openSUSE Tumbleweed	chromedriver >= 93.0.4577.82-1.1 chromium >= 93.0.4577.82-1.1 ungoogled-chromium >= 113.0.5672.92-1.1 ungoogled-chromium-chromedriver >= 113.0.5672.92-1.1	Patchnames: openSUSE-Tumbleweed-2024-10681 openSUSE-Tumbleweed-2024-12948

---

SUSE Timeline for this CVE

CVE page created: Mon Aug 10 23:45:53 2020
CVE page last modified: Tue Sep 3 19:15:31 2024