Chromium updates for SUSE

SUSE 5597 Published 2026-03-23 07:09 by Philipp Esselbach

News

Two critical security updates have been issued by openSUSE to patch significant vulnerabilities in Chromium across their SLE-15 backports. These specific patches fix twenty-six distinct issues that include memory access flaws in WebGL and WebRTC as well as integer overflows found within the ANGLE component.

openSUSE-SU-2026:0093-1: important: Security update for chromium
openSUSE-SU-2026:0094-1: important: Security update for chromium

openSUSE-SU-2026:0093-1: important: Security update for chromium

openSUSE Security Update: Security update for chromium
_______________________________

Announcement ID: openSUSE-SU-2026:0093-1
Rating: important
References: #1259964
Cross-References: CVE-2026-4439 CVE-2026-4440 CVE-2026-4441
CVE-2026-4442 CVE-2026-4443 CVE-2026-4444
CVE-2026-4445 CVE-2026-4446 CVE-2026-4447
CVE-2026-4448 CVE-2026-4449 CVE-2026-4450
CVE-2026-4451 CVE-2026-4452 CVE-2026-4453
CVE-2026-4454 CVE-2026-4455 CVE-2026-4456
CVE-2026-4457 CVE-2026-4458 CVE-2026-4459
CVE-2026-4460 CVE-2026-4461 CVE-2026-4462
CVE-2026-4463 CVE-2026-4464
Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________

An update that fixes 26 vulnerabilities is now available.

Description:

This update for chromium fixes the following issues:

- Chromium 146.0.7680.153 (boo#1259964):
* CVE-2026-4439: Out of bounds memory access in WebGL
* CVE-2026-4440: Out of bounds read and write in WebGL
* CVE-2026-4441: Use after free in Base
* CVE-2026-4442: Heap buffer overflow in CSS
* CVE-2026-4443: Heap buffer overflow in WebAudio
* CVE-2026-4444: Stack buffer overflow in WebRTC
* CVE-2026-4445: Use after free in WebRTC
* CVE-2026-4446: Use after free in WebRTC
* CVE-2026-4447: Inappropriate implementation in V8
* CVE-2026-4448: Heap buffer overflow in ANGLE
* CVE-2026-4449: Use after free in Blink
* CVE-2026-4450: Out of bounds write in V8
* CVE-2026-4451: Insufficient validation of untrusted input in Navigation
* CVE-2026-4452: Integer overflow in ANGLE
* CVE-2026-4453: Integer overflow in Dawn
* CVE-2026-4454: Use after free in Network
* CVE-2026-4455: Heap buffer overflow in PDFium
* CVE-2026-4456: Use after free in Digital Credentials API
* CVE-2026-4457: Type Confusion in V8
* CVE-2026-4458: Use after free in Extensions
* CVE-2026-4459: Out of bounds read and write in WebAudio
* CVE-2026-4460: Out of bounds read in Skia
* CVE-2026-4461: Inappropriate implementation in V8
* CVE-2026-4462: Out of bounds read in Blink
* CVE-2026-4463: Heap buffer overflow in WebRTC
* CVE-2026-4464: Integer overflow in ANGLE

- fix INSTALL.sh (upstream changed CHANNEL to channel in wrapper)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2026-93=1

Package List:

- openSUSE Backports SLE-15-SP6 (aarch64 ppc64le x86_64):

chromedriver-146.0.7680.153-bp156.2.251.1
chromium-146.0.7680.153-bp156.2.251.1

References:

https://www.suse.com/security/cve/CVE-2026-4439.html
https://www.suse.com/security/cve/CVE-2026-4440.html
https://www.suse.com/security/cve/CVE-2026-4441.html
https://www.suse.com/security/cve/CVE-2026-4442.html
https://www.suse.com/security/cve/CVE-2026-4443.html
https://www.suse.com/security/cve/CVE-2026-4444.html
https://www.suse.com/security/cve/CVE-2026-4445.html
https://www.suse.com/security/cve/CVE-2026-4446.html
https://www.suse.com/security/cve/CVE-2026-4447.html
https://www.suse.com/security/cve/CVE-2026-4448.html
https://www.suse.com/security/cve/CVE-2026-4449.html
https://www.suse.com/security/cve/CVE-2026-4450.html
https://www.suse.com/security/cve/CVE-2026-4451.html
https://www.suse.com/security/cve/CVE-2026-4452.html
https://www.suse.com/security/cve/CVE-2026-4453.html
https://www.suse.com/security/cve/CVE-2026-4454.html
https://www.suse.com/security/cve/CVE-2026-4455.html
https://www.suse.com/security/cve/CVE-2026-4456.html
https://www.suse.com/security/cve/CVE-2026-4457.html
https://www.suse.com/security/cve/CVE-2026-4458.html
https://www.suse.com/security/cve/CVE-2026-4459.html
https://www.suse.com/security/cve/CVE-2026-4460.html
https://www.suse.com/security/cve/CVE-2026-4461.html
https://www.suse.com/security/cve/CVE-2026-4462.html
https://www.suse.com/security/cve/CVE-2026-4463.html
https://www.suse.com/security/cve/CVE-2026-4464.html
https://bugzilla.suse.com/1259964

openSUSE-SU-2026:0094-1: important: Security update for chromium

openSUSE Security Update: Security update for chromium
_______________________________

Announcement ID: openSUSE-SU-2026:0094-1
Rating: important
References: #1259964
Cross-References: CVE-2026-4439 CVE-2026-4440 CVE-2026-4441
CVE-2026-4442 CVE-2026-4443 CVE-2026-4444
CVE-2026-4445 CVE-2026-4446 CVE-2026-4447
CVE-2026-4448 CVE-2026-4449 CVE-2026-4450
CVE-2026-4451 CVE-2026-4452 CVE-2026-4453
CVE-2026-4454 CVE-2026-4455 CVE-2026-4456
CVE-2026-4457 CVE-2026-4458 CVE-2026-4459
CVE-2026-4460 CVE-2026-4461 CVE-2026-4462
CVE-2026-4463 CVE-2026-4464
Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes 26 vulnerabilities is now available.

Description:

This update for chromium fixes the following issues:

- Chromium 146.0.7680.153 (boo#1259964):
* CVE-2026-4439: Out of bounds memory access in WebGL
* CVE-2026-4440: Out of bounds read and write in WebGL
* CVE-2026-4441: Use after free in Base
* CVE-2026-4442: Heap buffer overflow in CSS
* CVE-2026-4443: Heap buffer overflow in WebAudio
* CVE-2026-4444: Stack buffer overflow in WebRTC
* CVE-2026-4445: Use after free in WebRTC
* CVE-2026-4446: Use after free in WebRTC
* CVE-2026-4447: Inappropriate implementation in V8
* CVE-2026-4448: Heap buffer overflow in ANGLE
* CVE-2026-4449: Use after free in Blink
* CVE-2026-4450: Out of bounds write in V8
* CVE-2026-4451: Insufficient validation of untrusted input in Navigation
* CVE-2026-4452: Integer overflow in ANGLE
* CVE-2026-4453: Integer overflow in Dawn
* CVE-2026-4454: Use after free in Network
* CVE-2026-4455: Heap buffer overflow in PDFium
* CVE-2026-4456: Use after free in Digital Credentials API
* CVE-2026-4457: Type Confusion in V8
* CVE-2026-4458: Use after free in Extensions
* CVE-2026-4459: Out of bounds read and write in WebAudio
* CVE-2026-4460: Out of bounds read in Skia
* CVE-2026-4461: Inappropriate implementation in V8
* CVE-2026-4462: Out of bounds read in Blink
* CVE-2026-4463: Heap buffer overflow in WebRTC
* CVE-2026-4464: Integer overflow in ANGLE

- fix INSTALL.sh (upstream changed CHANNEL to channel in wrapper)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-94=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 ppc64le x86_64):

chromedriver-146.0.7680.153-bp157.2.136.1
chromium-146.0.7680.153-bp157.2.136.1

References:

https://www.suse.com/security/cve/CVE-2026-4439.html
https://www.suse.com/security/cve/CVE-2026-4440.html
https://www.suse.com/security/cve/CVE-2026-4441.html
https://www.suse.com/security/cve/CVE-2026-4442.html
https://www.suse.com/security/cve/CVE-2026-4443.html
https://www.suse.com/security/cve/CVE-2026-4444.html
https://www.suse.com/security/cve/CVE-2026-4445.html
https://www.suse.com/security/cve/CVE-2026-4446.html
https://www.suse.com/security/cve/CVE-2026-4447.html
https://www.suse.com/security/cve/CVE-2026-4448.html
https://www.suse.com/security/cve/CVE-2026-4449.html
https://www.suse.com/security/cve/CVE-2026-4450.html
https://www.suse.com/security/cve/CVE-2026-4451.html
https://www.suse.com/security/cve/CVE-2026-4452.html
https://www.suse.com/security/cve/CVE-2026-4453.html
https://www.suse.com/security/cve/CVE-2026-4454.html
https://www.suse.com/security/cve/CVE-2026-4455.html
https://www.suse.com/security/cve/CVE-2026-4456.html
https://www.suse.com/security/cve/CVE-2026-4457.html
https://www.suse.com/security/cve/CVE-2026-4458.html
https://www.suse.com/security/cve/CVE-2026-4459.html
https://www.suse.com/security/cve/CVE-2026-4460.html
https://www.suse.com/security/cve/CVE-2026-4461.html
https://www.suse.com/security/cve/CVE-2026-4462.html
https://www.suse.com/security/cve/CVE-2026-4463.html
https://www.suse.com/security/cve/CVE-2026-4464.html
https://bugzilla.suse.com/1259964

Python, Libvxp, Grub, and more updates for RHEL

GE-Proton10-34 released

Chromium updates for SUSE

openSUSE-SU-2026:0093-1: important: Security update for chromium

openSUSE-SU-2026:0094-1: important: Security update for chromium

Windows

Linux

macOS

Community