April 15, 2014

Google Fixes Critical Vulnerabilities in Chrome 19.0.1084.52

(LiveHacking.Com) – Google has released Chrome 19.0.1084.52 for Windows, Linux and Mac. The update fixes two Critical security vulnerabilities, nine rated High and two rated Medium. Google historically ships new major versions of its browser quickly and pushes frequent incremental updates to the current stable channel to patch security vulnerabilities as they are found. To help with this, Google runs a rewards scheme that pays cash to developers and security researchers who report vulnerabilities. The rewards listed for this release add up to $4,837.

The first Critical bug squashed is a memory corruption in the browser process triggered by WebSockets over SSL; browser-process bugs carry the Critical rating because they sit outside the renderer sandbox. Memory corruption bugs are the raw material of most exploits, especially those that achieve arbitrary code execution. The second Critical fix is a use-after-free in the browser cache: memory is freed while something still holds a pointer to it, and a later use of that stale pointer reads or writes whatever now occupies the freed block. Use-after-free bugs are one of the more reliably exploitable forms of memory corruption. This particular bug was found by “efbiaiinzinz”, who was rewarded $1337 by Google.
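To make the "use-after-free in browser cache" bug class concrete, here is an added example that is not Chromium code and not the actual bug: a toy cache in which an entry can be evicted while a caller still holds a pointer to it. The names (cache_acquire, cache_evict, the instrumentation counter and the sample URL) are hypothetical. The eviction path drops the cache's reference instead of freeing unconditionally, so the entry outlives eviction until the last handle is released; the comment marks where the naive pattern would free the block under the caller's feet.

```c
/* Added example (not Chromium code): a reference-counted toy cache that
 * shows the shape of an evict-while-in-use use-after-free and how
 * pinning an entry with a refcount avoids it.  All names hypothetical. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct entry {
    char key[64];
    char *body;
    int refs;            /* live handles to this entry, cache included */
    struct entry *next;
} entry_t;

typedef struct {
    entry_t *head;
    int freed;           /* instrumentation: how many entries were freed */
} cache_t;

static void entry_destroy(cache_t *c, entry_t *e) {
    free(e->body);
    free(e);
    c->freed++;
}

static char *dup_str(const char *s) {
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    if (p) memcpy(p, s, n);
    return p;
}

/* Insert an entry; the cache itself holds one reference. */
entry_t *cache_put(cache_t *c, const char *key, const char *body) {
    entry_t *e = calloc(1, sizeof *e);
    strncpy(e->key, key, sizeof e->key - 1);
    e->body = dup_str(body);
    e->refs = 1;
    e->next = c->head;
    c->head = e;
    return e;
}

/* Lookup that hands out a pinned handle; caller must cache_release(). */
entry_t *cache_acquire(cache_t *c, const char *key) {
    for (entry_t *e = c->head; e; e = e->next)
        if (strcmp(e->key, key) == 0) { e->refs++; return e; }
    return NULL;
}

void cache_release(cache_t *c, entry_t *e) {
    if (--e->refs == 0) entry_destroy(c, e);
}

/* Evict: unlink and drop the cache's reference.  The naive pattern would
 * call entry_destroy() here unconditionally, leaving any outstanding
 * handle dangling; that is the use-after-free. */
int cache_evict(cache_t *c, const char *key) {
    for (entry_t **pp = &c->head; *pp; pp = &(*pp)->next) {
        if (strcmp((*pp)->key, key) == 0) {
            entry_t *e = *pp;
            *pp = e->next;
            e->next = NULL;
            cache_release(c, e);
            return 1;
        }
    }
    return 0;
}

/* Scenario: a consumer holds a handle while eviction runs.  Returns 1 if
 * the body was still readable after eviction and the entry was freed only
 * on the final release; 0 otherwise. */
int demo_evict_while_in_use(void) {
    cache_t c = { NULL, 0 };
    const char *url = "https://example.test/a";   /* constructed input */
    cache_put(&c, url, "cached body A");
    entry_t *h = cache_acquire(&c, url);          /* refs: 2 */
    cache_evict(&c, url);                         /* refs: 1, not freed */
    int ok = (c.freed == 0) && strcmp(h->body, "cached body A") == 0;
    cache_release(&c, h);                         /* refs: 0, freed now */
    return ok && c.freed == 1 && c.head == NULL;
}

int main(void) {
    printf("evict while in use handled safely: %s\n",
           demo_evict_while_in_use() ? "yes" : "no");
    return 0;
}
```

Running the same scenario with the unconditional free described in the cache_evict comment would make the strcmp on h->body read freed memory, which is exactly what a tool such as AddressSanitizer reports as heap-use-after-free.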

The full list of fixes, along with credits and rewards, is as follows:

  • [117409] High CVE-2011-3103: Crashes in v8 garbage collection. Credit to the Chromium development community (Brett Wilson).
  • [118018] Medium CVE-2011-3104: Out-of-bounds read in Skia. Credit to Google Chrome Security Team (Inferno).
  • [$1000] [120912] High CVE-2011-3105: Use-after-free in first-letter handling. Credit to miaubiz.
  • [122654] Critical CVE-2011-3106: Browser memory corruption with websockets over SSL. Credit to the Chromium development community (Dharani Govindan).
  • [124625] High CVE-2011-3107: Crashes in the plug-in JavaScript bindings. Credit to the Chromium development community (Dharani Govindan).
  • [$1337] [125159] Critical CVE-2011-3108: Use-after-free in browser cache. Credit to “efbiaiinzinz”.
  • [Linux only] [$1000] [126296] High CVE-2011-3109: Bad cast in GTK UI. Credit to Micha Bartholomé.
  • [126337] [126343] [126378] [127349] [127819] [127868] High CVE-2011-3110: Out of bounds writes in PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
  • [$500] [126414] Medium CVE-2011-3111: Invalid read in v8. Credit to Christian Holler.
  • [127331] High CVE-2011-3112: Use-after-free with invalid encrypted PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
  • [127883] High CVE-2011-3113: Invalid cast with colorspace handling in PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
  • [128014] High CVE-2011-3114: Buffer overflows with PDF functions. Credit to Google Chrome Security Team (scarybeasts).
  • [$1000] [128018] High CVE-2011-3115: Type corruption in v8. Credit to Christian Holler.

Note that the referenced bugs are kept private until a majority of Chrome users are up to date with the fixes.

 
