CVE漏洞中文网


Ubuntu Security Notification for Oxide-qt Vulnerabilities (USN-3058-1)

September 20, 2016

Vulnerability category: Ubuntu

Vulnerability severity:

Vulnerability information

An issue was discovered in Blink involving the provisional URL for an initially empty document.

A use-after-free was discovered in the WebCrypto implementation in Blink.

It was discovered that the devtools subsystem in Blink mishandles various parameters.

It was discovered that Blink does not ensure that a taint property is preserved after a structure-clone operation on an ImageBitmap object derived from a cross-origin image.

Multiple security issues were discovered in Chromium.

It was discovered that Blink mishandles deferred page loads.

An issue was discovered in Blink related to widget updates.

A use-after-free was discovered in Blink.

A use-after-free was discovered in Blink.

It was discovered that Chromium does not correctly validate access to the initial document.

A use-after-free was discovered in the event bindings in Blink.

A type confusion bug was discovered in Blink.

An issue was discovered with the devtools implementation.

An issue was discovered with the devtools implementation.

Impact

An attacker could potentially exploit this to spoof the currently displayed URL. (CVE-2016-5141)

If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5142)

An attacker could exploit this to bypass intended access restrictions. (CVE-2016-5143, CVE-2016-5144)

If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to bypass same origin restrictions. (CVE-2016-5145)

If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5146, CVE-2016-5167)

If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks. (CVE-2016-5147)

If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks. (CVE-2016-5148)

If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5150)

If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5153)

An attacker could potentially exploit this to spoof the currently displayed URL. (CVE-2016-5155)

If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5156)

If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5161)

An attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks. (CVE-2016-5164)

An attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks. (CVE-2016-5165)

Solution

Refer to Ubuntu advisory USN-3058-1 for affected packages and patching details, or update with your package manager.

Patch:
The following are links for downloading patches to fix the vulnerabilities:

USN-3058-1: 16.04 (Xenial) on src (liboxideqtcore0)

USN-3058-1: 14.04 (Kylin) on src (liboxideqtcore0)

Last updated: October 22, 2016
