Debian dsa-6273:chromium - 安全更新

critical Nessus 插件 ID 314979

简介

远程 Debian 主机上缺少一个或多个与安全相关的更新。

描述

远程 Debian 12/13 主机上安装的多个程序包受到 dsa-6273 公告中提及的多个漏洞影响。

- ------------------------------------------------------------------------- Debian 安全公告 DSA-6273-1 [email protected] https://www.debian.org/security/Andres Salomon 2026 年 5 月 15 日https://www.debian.org/security/faq
- -------------------------------------------------------------------------

程序包:chromium CVE ID:CVE-2026-8509 CVE-2026-8510 CVE-2026-8511 CVE-2026-8512 CVE-2026-8513 CVE-2026-8514 CVE-2026-8515 CVE-2026-8516 CVE-2026-8517 CVE-2026-8518 CVE-2026-8519 CVE-2026-8520 CVE-2026-8521 CVE-2026-8522 CVE-2026-8523 CVE-2026-8524 CVE-2026-8525 CVE-2026-8526 CVE-2026-8527 CVE-2026-8528 CVE-2026-8529 CVE-2026-8530 CVE-2026-8531 CVE-2026-8532 CVE-2026-8533 CVE-2026-8534 CVE-2026-8535 CVE-2026-8536 CVE-2026-8537 CVE-2026-8538 CVE-2026-8539 CVE-2026-8540 CVE-2026-8541 CVE-2026-8542 CVE-2026-8543 CVE-2026-8544 CVE-2026-8545 CVE-2026-8546 CVE-2026-8547 CVE-2026-8548 CVE-2026-8549 CVE-2026-8550 CVE-2026-8551 CVE-2026-8552 CVE-2026-8553 CVE-2026-8554 CVE-2026-8555 CVE-2026-8556 CVE-2026-8557 CVE-2026-8558 CVE-2026-8559 CVE-2026-8560 CVE-2026-8561 CVE-2026-8562 CVE-2026-8563 CVE-2026-8564 CVE-2026-8565 CVE-2026-8566 CVE-2026-8567 CVE-2026-8568 CVE-2026-8569 CVE-2026-8570 CVE-2026-8571 CVE-2026-8572 CVE-2026-8573 CVE-2026-8574 CVE-2026-8575 CVE-2026-8576 CVE-2026-8577 CVE-2026-8578 CVE-2026-8579 CVE-2026-8580 CVE-2026-8581 CVE-2026-8582 CVE-2026-8583 CVE-2026-8584 CVE-2026-8585 CVE-2026-8586 CVE-2026-8587

在 Chromium 中发现多个安全问题,这些问题可能会造成任意代码执行、拒绝服务或信息泄露。

对于旧稳定发行版本 (bookworm),已在 148.0.7778.167-1~deb12u1 版本中修复这些问题。

对于稳定发行版本 (trixie),已在 148.0.7778.167-1~deb13u1 版本中修复这些问题。

我们建议您升级 chromium 程序包。

如需了解 chromium 的详细安全状态,请参阅其安全跟踪页面:
https://security-tracker.debian.org/tracker/chromium

有关 Debian 安全公告、如何将这些更新应用到系统以及常见问题解答的更多信息,请访问以下网址:https://www.debian.org/security/

邮件列表:[email protected]

Tenable 已直接从 Debian 安全公告中提取上述描述块。

请注意,Nessus 尚未测试这些问题,而是只依据应用程序自我报告的版本号进行判断。

解决方案

升级 chromium 程序包。

另见

https://packages.debian.org/source/bookworm/chromium

https://packages.debian.org/source/trixie/chromium

https://security-tracker.debian.org/tracker/CVE-2026-8509

https://security-tracker.debian.org/tracker/CVE-2026-8510

https://security-tracker.debian.org/tracker/CVE-2026-8511

https://security-tracker.debian.org/tracker/CVE-2026-8512

https://security-tracker.debian.org/tracker/CVE-2026-8513

https://security-tracker.debian.org/tracker/CVE-2026-8514

https://security-tracker.debian.org/tracker/CVE-2026-8515

https://security-tracker.debian.org/tracker/CVE-2026-8516

https://security-tracker.debian.org/tracker/CVE-2026-8517

https://security-tracker.debian.org/tracker/CVE-2026-8518

https://security-tracker.debian.org/tracker/CVE-2026-8519

https://security-tracker.debian.org/tracker/CVE-2026-8520

https://security-tracker.debian.org/tracker/CVE-2026-8521

https://security-tracker.debian.org/tracker/CVE-2026-8522

https://security-tracker.debian.org/tracker/CVE-2026-8523

https://security-tracker.debian.org/tracker/CVE-2026-8524

https://security-tracker.debian.org/tracker/CVE-2026-8525

https://security-tracker.debian.org/tracker/CVE-2026-8526

https://security-tracker.debian.org/tracker/CVE-2026-8527

https://security-tracker.debian.org/tracker/CVE-2026-8528

https://security-tracker.debian.org/tracker/CVE-2026-8529

https://security-tracker.debian.org/tracker/CVE-2026-8530

https://security-tracker.debian.org/tracker/CVE-2026-8531

https://security-tracker.debian.org/tracker/CVE-2026-8532

https://security-tracker.debian.org/tracker/CVE-2026-8533

https://security-tracker.debian.org/tracker/CVE-2026-8534

https://security-tracker.debian.org/tracker/CVE-2026-8535

https://security-tracker.debian.org/tracker/CVE-2026-8536

https://security-tracker.debian.org/tracker/CVE-2026-8537

https://security-tracker.debian.org/tracker/CVE-2026-8538

https://security-tracker.debian.org/tracker/CVE-2026-8539

https://security-tracker.debian.org/tracker/CVE-2026-8540

https://security-tracker.debian.org/tracker/CVE-2026-8541

https://security-tracker.debian.org/tracker/CVE-2026-8542

https://security-tracker.debian.org/tracker/CVE-2026-8543

https://security-tracker.debian.org/tracker/CVE-2026-8544

https://security-tracker.debian.org/tracker/CVE-2026-8545

https://security-tracker.debian.org/tracker/CVE-2026-8546

https://security-tracker.debian.org/tracker/CVE-2026-8547

https://security-tracker.debian.org/tracker/CVE-2026-8548

https://security-tracker.debian.org/tracker/CVE-2026-8549

https://security-tracker.debian.org/tracker/CVE-2026-8550

https://security-tracker.debian.org/tracker/CVE-2026-8551

https://security-tracker.debian.org/tracker/CVE-2026-8552

https://security-tracker.debian.org/tracker/CVE-2026-8553

https://security-tracker.debian.org/tracker/CVE-2026-8554

https://security-tracker.debian.org/tracker/CVE-2026-8555

https://security-tracker.debian.org/tracker/CVE-2026-8556

https://security-tracker.debian.org/tracker/CVE-2026-8557

https://security-tracker.debian.org/tracker/CVE-2026-8558

https://security-tracker.debian.org/tracker/CVE-2026-8559

https://security-tracker.debian.org/tracker/CVE-2026-8560

https://security-tracker.debian.org/tracker/CVE-2026-8561

https://security-tracker.debian.org/tracker/CVE-2026-8562

https://security-tracker.debian.org/tracker/CVE-2026-8563

https://security-tracker.debian.org/tracker/CVE-2026-8564

https://security-tracker.debian.org/tracker/CVE-2026-8565

https://security-tracker.debian.org/tracker/CVE-2026-8566

https://security-tracker.debian.org/tracker/CVE-2026-8567

https://security-tracker.debian.org/tracker/CVE-2026-8568

https://security-tracker.debian.org/tracker/CVE-2026-8569

https://security-tracker.debian.org/tracker/CVE-2026-8570

https://security-tracker.debian.org/tracker/CVE-2026-8571

https://security-tracker.debian.org/tracker/CVE-2026-8572

https://security-tracker.debian.org/tracker/CVE-2026-8573

https://security-tracker.debian.org/tracker/CVE-2026-8574

https://security-tracker.debian.org/tracker/CVE-2026-8575

https://security-tracker.debian.org/tracker/CVE-2026-8576

https://security-tracker.debian.org/tracker/CVE-2026-8577

https://security-tracker.debian.org/tracker/CVE-2026-8578

https://security-tracker.debian.org/tracker/CVE-2026-8579

https://security-tracker.debian.org/tracker/CVE-2026-8580

https://security-tracker.debian.org/tracker/CVE-2026-8581

https://security-tracker.debian.org/tracker/CVE-2026-8582

https://security-tracker.debian.org/tracker/CVE-2026-8583

https://security-tracker.debian.org/tracker/CVE-2026-8584

https://security-tracker.debian.org/tracker/CVE-2026-8585

https://security-tracker.debian.org/tracker/CVE-2026-8586

https://security-tracker.debian.org/tracker/CVE-2026-8587

https://security-tracker.debian.org/tracker/source-package/chromium

插件详情

严重性: Critical

ID: 314979

文件名: debian_DSA-6273.nasl

版本: 1.1

类型: Local

代理: unix

发布时间: 2026/5/15

最近更新时间: 2026/5/15

支持的传感器: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security, Nessus

风险信息

VPR

风险因素: Medium

分数: 6.9

百分位: 96.95

CVSS v2

风险因素: Critical

基本分数: 10

时间分数: 7.4

矢量: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 分数来源: CVE-2026-8587

CVSS v3

风险因素: Critical

基本分数: 9.6

时间分数: 8.3

矢量: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

时间矢量: CVSS:3.0/E:U/RL:O/RC:C

CVSS 分数来源: CVE-2026-8580

漏洞信息

CPE: p-cpe:/a:debian:debian_linux:chromium-common, p-cpe:/a:debian:debian_linux:chromium-l10n, p-cpe:/a:debian:debian_linux:chromium-shell, p-cpe:/a:debian:debian_linux:chromium, cpe:/o:debian:debian_linux:12.0, p-cpe:/a:debian:debian_linux:chromium-headless-shell, p-cpe:/a:debian:debian_linux:chromium-sandbox, p-cpe:/a:debian:debian_linux:chromium-driver, cpe:/o:debian:debian_linux:13.0

必需的 KB 项: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

易利用性: No known exploits are available

补丁发布日期: 2026/5/15

漏洞发布日期: 2026/5/12

参考资料信息

CVE: CVE-2026-8509, CVE-2026-8510, CVE-2026-8511, CVE-2026-8512, CVE-2026-8513, CVE-2026-8514, CVE-2026-8515, CVE-2026-8516, CVE-2026-8517, CVE-2026-8518, CVE-2026-8519, CVE-2026-8520, CVE-2026-8521, CVE-2026-8522, CVE-2026-8523, CVE-2026-8524, CVE-2026-8525, CVE-2026-8526, CVE-2026-8527, CVE-2026-8528, CVE-2026-8529, CVE-2026-8530, CVE-2026-8531, CVE-2026-8532, CVE-2026-8533, CVE-2026-8534, CVE-2026-8535, CVE-2026-8536, CVE-2026-8537, CVE-2026-8538, CVE-2026-8539, CVE-2026-8540, CVE-2026-8541, CVE-2026-8542, CVE-2026-8543, CVE-2026-8544, CVE-2026-8545, CVE-2026-8546, CVE-2026-8547, CVE-2026-8548, CVE-2026-8549, CVE-2026-8550, CVE-2026-8551, CVE-2026-8552, CVE-2026-8553, CVE-2026-8554, CVE-2026-8555, CVE-2026-8556, CVE-2026-8557, CVE-2026-8558, CVE-2026-8559, CVE-2026-8560, CVE-2026-8561, CVE-2026-8562, CVE-2026-8563, CVE-2026-8564, CVE-2026-8565, CVE-2026-8566, CVE-2026-8567, CVE-2026-8568, CVE-2026-8569, CVE-2026-8570, CVE-2026-8571, CVE-2026-8572, CVE-2026-8573, CVE-2026-8574, CVE-2026-8575, CVE-2026-8576, CVE-2026-8577, CVE-2026-8578, CVE-2026-8579, CVE-2026-8580, CVE-2026-8581, CVE-2026-8582, CVE-2026-8583, CVE-2026-8584, CVE-2026-8585, CVE-2026-8586, CVE-2026-8587