Debian Chromium Vulnerabilities Lead to Critical Denial of Service and Code Execution Risks

Debian has issued two security advisories for Chromium, addressing critical vulnerabilities. The first advisory, DSA-6337, published on June 10, 2026, covers a code execution information disclosure vulnerability fixed in version 149.0.7827.102-1~deb12u1 for oldstable and 149.0.7827.102-1~deb13u1 for stable. The second advisory, DSA-6344, released on June 13, 2026, addresses a denial of service vulnerability, with fixes in versions 149.0.7827.114-1~deb12u1 and 149.0.7827.114-1~deb13u1. Users are urged to upgrade their Chromium packages to mitigate these risks. The vulnerabilities could potentially allow attackers to exploit systems running outdated versions of Chromium, affecting both oldstable and stable Debian distributions.

Key Points: • Two critical vulnerabilities in Debian's Chromium have been disclosed. • Users are advised to update to the latest versions to prevent exploitation. • The vulnerabilities could lead to denial of service and code execution risks.