Chromium Security Update (MINDBREEZE31048)

ID: MINDBREEZE31048 
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS 
Severity: Medium  
Status: Final 
First published: July 31, 2024 
CVEs: CVE-2024-4058, CVE-2024-4059, CVE-2024-4060, CVE-2024-4368, CVE-2024-4558, CVE-2024-4559, CVE-2024-4947, CVE-2024-4948, CVE-2024-4949, CVE-2024-4761, CVE-2024-4671, CVE-2024-5157, CVE-2024-5158, CVE-2024-5159, CVE-2024-5160, CVE-2024-5274, CVE-2024-5494, CVE-2024-5495, CVE-2024-5496, CVE-2024-5498, CVE-2024-5499 

Summary

• CVE-2024-4059 chromium - Component: Out of bounds read in V8 API.
• CVE-2024-4060 chromium - Component: Use after free in Dawn.
• CVE-2024-4368 chromium - Component: Use after free in Dawn.
• CVE-2024-4558 chromium - Component: Use after free in ANGLE
• CVE-2024-4559 chromium - Component: Heap buffer overflow in WebAudio
• CVE-2024-4947 chromium - Component: Type Confusion in V8.
• CVE-2024-4948 chromium - Component: Use after free in Dawn.
• CVE-2024-4949 chromium - Component: Use after free in V8.
• CVE-2024-4761 chromium - Component: Out of bounds write in V8.
• CVE-2024-4671 chromium - Component: Use after free in Visuals.
• CVE-2024-5157 chromium - Component: Use after free in Scheduling.
• CVE-2024-5158 chromium - Component: Type Confusion in V8.
• CVE-2024-5159 chromium - Component: Heap buffer overflow in ANGLE.
• CVE-2024-5160 chromium - Component: Heap buffer overflow in Dawn.
• CVE-2024-5274 chromium - Component: Type Confusion in V8.
• CVE-2024-5494 chromium - Component: Use after free in Dawn.
• CVE-2024-5495 chromium - Component: Use after free in Dawn.
• CVE-2024-5496 chromium - Component: Use after free in Media Session.
• CVE-2024-5498 chromium - Component: Use after free in Presentation API.
• CVE-2024-5499 chromium - Component: Out of bounds write in Streams API.

Hotfix Information

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire 24.4 Release 
• Mindbreeze InSpire SaaS 24.4 Release