April 16, 2014

Google Pay Out $47,500 in Rewards For Security Bugs Found and Fixed in Chrome 17.0.963.65

(LiveHacking.Com) – Google has released Chrome 17.0.963.65 for Windows, Linux and Mac which fixes a number security related and non-security related bugs. Along the way, Google gave out an extra $30,000 as special rewards for some special bugs. Including a further 14 rewards, for other security related bugs, Google paid out of $47,000 to security researchers for helping make Chrome more secure.

The three special bug finds are:

  1. [$10,000] [116661] Rockstar CVE-1337-d00d1: Excessive WebKit fuzzing. Credit to miaubiz.
  2. [$10,000] [116662] Legend CVE-1337-d00d2: Awesome variety of fuzz targets. Credit to Aki Helin of OUSPG.
  3. [$10,000] [116663] Superhero CVE-1337-d00d3: Significant pain inflicted upon SVG. Credit to Arthur Gerkis.

To determine the above rewards, Google looked at bug finding performance over the past few months. The three named individuals stood out significantly

“We have always reserved the right to arbitrarily reward sustained, extraordinary contributions. In this instance, we’re dropping a surprise bonus. We reserve the right to do so again and reserve the right to do so on a more regular basis! Chrome has a leading reputation for security and it wouldn’t be possible without the aggressive bug hunting of the wider community” wrote Jason Kersey from Google.

The other security related bugs that are fix include:

  • [$1000] [105867] High CVE-2011-3031: Use-after-free in v8 element wrapper. Credit to Chamal de Silva.
  • [$1000] [108037] High CVE-2011-3032: Use-after-free in SVG value handling. Credit to Arthur Gerkis.
  • [$2000] [108406] [115471] High CVE-2011-3033: Buffer overflow in the Skia drawing library. Credit to Aki Helin of OUSPG.
  • [$1000] [111748] High CVE-2011-3034: Use-after-free in SVG document handling. Credit to Arthur Gerkis.
  • [$2000] [112212] High CVE-2011-3035: Use-after-free in SVG use handling. Credit to Arthur Gerkis.
  • [$1000] [113258] High CVE-2011-3036: Bad cast in line box handling. Credit to miaubiz.
  • [$3000] [113439] [114924] [115028] High CVE-2011-3037: Bad casts in anonymous block splitting. Credit to miaubiz.
  • [$1000] [113497] High CVE-2011-3038: Use-after-free in multi-column handling. Credit to miaubiz.
  • [$1000] [113707] High CVE-2011-3039: Use-after-free in quote handling. Credit to miaubiz.
  • [$500] [114054] High CVE-2011-3040: Out-of-bounds read in text handling. Credit to miaubiz.
  • [$1000] [114068] High CVE-2011-3041: Use-after-free in class attribute handling. Credit to miaubiz.
  • [$1000] [114219] High CVE-2011-3042: Use-after-free in table section handling. Credit to miaubiz.
  • [$1000] [115681] High CVE-2011-3043: Use-after-free in flexbox with floats. Credit to miaubiz.
  • [$1000] [116093] High CVE-2011-3044: Use-after-free with SVG animation elements. Credit to Arthur Gerkis.

Note that the referenced bugs may be kept private until a majority of Chrome users are up to date with the fix.

This release also fixes a number of non-security related issues including:

  • Cursors and backgrounds sometimes do not load (bug 111218)
  • Plugins not loading on some pages (bug 108228)
  • Text paste includes trailing spaces (bug 106551)
  • Websites using touch controls break (bug 110332)

Along with these fixes, the release contains an updated version of the Adobe Flash player (11.1.102.63). But at the time of writing Adobe hasn’t published any information about what has been fixed in this new version.

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks