ELBA-2026-64725
- ULN >
- Oracle Linux Errata repository >
- ELBA-2026-64725
ELBA-2026-64725 - chromium Bug Fix update
| Type: | BUG |
| Impact: | NA |
| Release Date: | 2026-04-15 |
Description
[147.0.7727.55-1]
- Update to 147.0.7727.55
* Critical CVE-2026-5858: Heap buffer overflow in WebML
* Critical CVE-2026-5859: Integer overflow in WebML
* High CVE-2026-5860: Use after free in WebRTC
* High CVE-2026-5861: Use after free in V8
* High CVE-2026-5862: Inappropriate implementation in V8
* High CVE-2026-5863: Inappropriate implementation in V8
* High CVE-2026-5864: Heap buffer overflow in WebAudio
* High CVE-2026-5865: Type Confusion in V8
* High CVE-2026-5866: Use after free in Media
* High CVE-2026-5867: Heap buffer overflow in WebML
* High CVE-2026-5868: Heap buffer overflow in ANGLE
* High CVE-2026-5869: Heap buffer overflow in WebML
* High CVE-2026-5870: Integer overflow in Skia
* High CVE-2026-5871: Type Confusion in V8
* High CVE-2026-5872: Use after free in Blink
* High CVE-2026-5873: Out of bounds read and write in V8
* Medium CVE-2026-5874: Use after free in PrivateAI
* Medium CVE-2026-5875: Policy bypass in Blink
* Medium CVE-2026-5876: Side-channel information leakage in Navigation
* Medium CVE-2026-5877: Use after free in Navigation
* Medium CVE-2026-5878: Incorrect security UI in Blink
* Medium CVE-2026-5879: Insufficient validation of untrusted input in ANGLE
* Medium CVE-2026-5880: Incorrect security UI in browser UI
* Medium CVE-2026-5881: Policy bypass in LocalNetworkAccess
* Medium CVE-2026-5882: Incorrect security UI in Fullscreen
* Medium CVE-2026-5883: Use after free in Media
* Medium CVE-2026-5884: Insufficient validation of untrusted input in Media
* Medium CVE-2026-5885: Insufficient validation of untrusted input in WebML
* Medium CVE-2026-5886: Out of bounds read in WebAudio
* Medium CVE-2026-5887: Insufficient validation of untrusted input in Downloads
* Medium CVE-2026-5888: Uninitialized Use in WebCodecs
* Medium CVE-2026-5889: Cryptographic Flaw in PDFium
* Medium CVE-2026-5890: Race in WebCodecs
* Medium CVE-2026-5891: Insufficient policy enforcement in browser UI
* Medium CVE-2026-5892: Insufficient policy enforcement in PWAs
* Medium CVE-2026-5893: Race in V8
* Low CVE-2026-5894: Inappropriate implementation in PDF
* Low CVE-2026-5895: Incorrect security UI in Omnibox
* Low CVE-2026-5896: Policy bypass in Audio
* Low CVE-2026-5897: Incorrect security UI in Downloads
* Low CVE-2026-5898: Incorrect security UI in Omnibox
* Low CVE-2026-5899: Incorrect security UI in History Navigation
* Low CVE-2026-5900: Policy bypass in Downloads
* Low CVE-2026-5901: Policy bypass in DevTools
* Low CVE-2026-5902: Race in Media
* Low CVE-2026-5903: Policy bypass in IFrameSandbox
* Low CVE-2026-5904: Use after free in V8
* Low CVE-2026-5905: Incorrect security UI in Permissions
* Low CVE-2026-5906: Incorrect security UI in Omnibox
* Low CVE-2026-5907: Insufficient data validation in Media
* Low CVE-2026-5908: Integer overflow in Media
* Low CVE-2026-5909: Integer overflow in Media
* Low CVE-2026-5910: Integer overflow in Media
* Low CVE-2026-5911: Policy bypass in ServiceWorkers
* Low CVE-2026-5912: Integer overflow in WebRTC
* Low CVE-2026-5913: Out of bounds read in Blink
* Low CVE-2026-5914: Type Confusion in CSS
* Low CVE-2026-5915: Insufficient validation of untrusted input in WebML
* Low CVE-2026-5918: Inappropriate implementation in Navigation
* Low CVE-2026-5919: Insufficient validation of untrusted input in WebSockets
[146.0.7680.177-1]
- Update to 146.0.7680.177
* High CVE-2026-5273: Use after free in CSS
* High CVE-2026-5272: Heap buffer overflow in GPU
* High CVE-2026-5274: Integer overflow in Codecs
* High CVE-2026-5275: Heap buffer overflow in ANGLE
* High CVE-2026-5276: Insufficient policy enforcement in WebUSB
* High CVE-2026-5277: Integer overflow in ANGLE
* High CVE-2026-5278: Use after free in Web MIDI
* High CVE-2026-5279: Object corruption in V8
* High CVE-2026-5280: Use after free in WebCodecs
* High CVE-2026-5281: Use after free in Dawn
* High CVE-2026-5282: Out of bounds read in WebCodecs
* High CVE-2026-5283: Inappropriate implementation in ANGLE
* High CVE-2026-5284: Use after free in Dawn
* High CVE-2026-5285: Use after free in WebGL
* High CVE-2026-5286: Use after free in Dawn
* High CVE-2026-5287: Use after free in PDF
* High CVE-2026-5288: Use after free in WebView
* High CVE-2026-5289: Use after free in Navigation
* High CVE-2026-5290: Use after free in Compositing
* Medium CVE-2026-5291: Inappropriate implementation in WebGL
* Medium CVE-2026-5292: Out of bounds read in WebCodecs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 10 (aarch64) | chromium-147.0.7727.55-1.el10_1.src.rpm | 4a421473f5cee3c992db3946f11d2c630fcc0eb18980b251aeffe8116ba993b4 | - | ol10_aarch64_u1_developer_EPEL |
| chromedriver-147.0.7727.55-1.el10_1.aarch64.rpm | 1dfc5afa958ad68b284bbd487c391f27d3bf7e316a68ceaae59e65fa67976424 | - | ol10_aarch64_u1_developer_EPEL | |
| chromium-147.0.7727.55-1.el10_1.aarch64.rpm | 4c2236ad443a64fe6b1c5ff34ad0bd9efd2c0a87b08d602e3eae310a207ca4d1 | - | ol10_aarch64_u1_developer_EPEL | |
| chromium-common-147.0.7727.55-1.el10_1.aarch64.rpm | 3adb0809cc08ad1a91c4e6dfb82f2318aa5c500cb268ade0972d5349e62c069d | - | ol10_aarch64_u1_developer_EPEL | |
| chromium-headless-147.0.7727.55-1.el10_1.aarch64.rpm | bd733dd09156483c550789c0d9cf5ef181fc15bcb47f08b4f6d76c5fafccb44f | - | ol10_aarch64_u1_developer_EPEL | |
| chromium-qt5-ui-147.0.7727.55-1.el10_1.aarch64.rpm | f8908860780a5948beea43ce1fea3e26215a5117100298896a30ca9e7e1938ba | - | ol10_aarch64_u1_developer_EPEL | |
| chromium-qt6-ui-147.0.7727.55-1.el10_1.aarch64.rpm | a294e65030e807052df3bf9fd00585386457d9a513744c1f24c91f88790a0381 | - | ol10_aarch64_u1_developer_EPEL | |
| Oracle Linux 10 (x86_64) | chromium-147.0.7727.55-1.el10_1.src.rpm | 4a421473f5cee3c992db3946f11d2c630fcc0eb18980b251aeffe8116ba993b4 | - | ol10_x86_64_u1_developer_EPEL |
| chromedriver-147.0.7727.55-1.el10_1.x86_64.rpm | 1095188972fafcec68732d1bf3d7d25906220f18740518ec463670e7a47ef5fb | - | ol10_x86_64_u1_developer_EPEL | |
| chromium-147.0.7727.55-1.el10_1.x86_64.rpm | e0b1b3bb66730112def138ca24dc14d89f1f97fc5e26948cddaa3d706f072692 | - | ol10_x86_64_u1_developer_EPEL | |
| chromium-common-147.0.7727.55-1.el10_1.x86_64.rpm | 0d6fd86063ea8574569d97f8bb5b5b751546b5f756ad876cac7e7c9b3affab2e | - | ol10_x86_64_u1_developer_EPEL | |
| chromium-headless-147.0.7727.55-1.el10_1.x86_64.rpm | 8905f95f3b6bf4a1f0685de51287bd8e9bc01c8b0e38941f600f8c7b27af3602 | - | ol10_x86_64_u1_developer_EPEL | |
| chromium-qt5-ui-147.0.7727.55-1.el10_1.x86_64.rpm | ea2fdbaf773916aec0baff9071b381086eecef807255df09ae2e039dcf98cadb | - | ol10_x86_64_u1_developer_EPEL | |
| chromium-qt6-ui-147.0.7727.55-1.el10_1.x86_64.rpm | ac54b68b9a358b0684ea9aca45761f5de0327573a2d6cb97ca7e69245465e828 | - | ol10_x86_64_u1_developer_EPEL | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
