CVE-2018-8357
https://notcve.org/view.php?id=CVE-2018-8357
An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "Microsoft Browser Elevation of Privilege Vulnerability." • http://www.securityfocus.com/bid/105022 http://www.securitytracker.com/id/1041457 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8357 •
CVE-2018-6152 – chromium-browser: Local file write in DevTools
https://notcve.org/view.php?id=CVE-2018-6152
The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction. • http://www.securityfocus.com/bid/104887 https://access.redhat.com/errata/RHSA-2018:2282 https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html https://crbug.com/805445 https://security.gentoo.org/glsa/201808-01 https://www.debian.org/security/2018/dsa-4256 https://access.redhat.com/security/cve/CVE-2018-6152 https://bugzilla.redhat.com/show_bug.cgi?id=1608208 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2018-6553 – AppArmor cupsd Sandbox Bypass Due to Use of Hard Links
https://notcve.org/view.php?id=CVE-2018-6553
The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions prior to 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, prior to 2.2.4-7ubuntu3.1 in Ubuntu 17.10, prior to 2.1.3-4ubuntu0.5 in Ubuntu 16.04 LTS, and prior to 1.7.2-0ubuntu1.10 in Ubuntu 14.04 LTS. El perfil CUPS AppArmor confinó incorrectamente la puerta trasera dnssd debido al uso de enlaces físicos. Un atacante local podría emplear este problema para escapar del confinamiento. • https://lists.debian.org/debian-lts-announce/2018/07/msg00014.html https://security.gentoo.org/glsa/201908-08 https://usn.ubuntu.com/usn/usn-3713-1 https://www.debian.org/security/2018/dsa-4243 •
CVE-2018-8314
https://notcve.org/view.php?id=CVE-2018-8314
An elevation of privilege vulnerability exists when Windows fails a check, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." • http://www.securityfocus.com/bid/104652 http://www.securitytracker.com/id/1041263 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8314 •
CVE-2018-6127 – chromium-browser: Use after free in indexedDB
https://notcve.org/view.php?id=CVE-2018-6127
Early free of object in use in IndexDB in Google Chrome prior to 67.0.3396.62 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. • http://www.securityfocus.com/bid/104309 http://www.securitytracker.com/id/1041014 https://access.redhat.com/errata/RHSA-2018:1815 https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html https://crbug.com/842990 https://www.debian.org/security/2018/dsa-4237 https://access.redhat.com/security/cve/CVE-2018-6127 https://bugzilla.redhat.com/show_bug.cgi?id=1584037 • CWE-416: Use After Free •