Overview
Google has released an update to address a vulnerability in the Chrome(https://www.google.com/chrome) browser. Users of affected versions are advised to update to the latest version.
Affected Products
Chrome version prior to 127.0.6533.72 (Linux)
Chrome version prior to 127.0.6533.72/73 (Windows)
Resolved Vulnerabilities
High-level out-of-bounds memory access vulnerability in the Angle feature (CVE-2024-6992 and 1 other) [1]
High security unvalidated vulnerability in the Canvas function (CVE-2024-6993 and 1 other) [1]
Moderate Memory Free and Reuse (UAF) Vulnerability in Css Functionality (CVE-2024-7000 and 1 other) [1]
High-level memory free and reuse (UAF) vulnerability in the Dawn function (CVE-2024-6991 and 1 other) [1]
High level memory free and reuse (UAF) vulnerability in Downloads function (CVE-2024-6988 and 1 other) [1]
Moderate security unvalidated vulnerability in the Fedcm function (CVE-2024-6999 and 1 other) [1]
Low security untested vulnerability in Fedcm functionality (CVE-2024-7003 and 1 other) [1]
Moderate Race Condition Vulnerability in Frames Functionality (CVE-2024-6996 and 1 other) [1
Moderate Security Unvalidated Vulnerability in Fullscreen Functionality (CVE-2024-6995 and 1 other) [1]
Moderate untested security vulnerability in the Html function (CVE-2024-7001 and 1 other) [1]
Moderate Heap Buffer Overflow Vulnerability in the Layout Function (CVE-2024-6994 and 1 other) [1]
High level memory free and reuse (UAF) vulnerability in the Loader function (CVE-2024-6989 and 1 other) [1]
Low-level lack of validation of untrusted input vulnerability in the Safe browsing function (CVE-2024-7004 and 3 others) [1]
Moderate Memory Free and Reuse (UAF) vulnerability in the Tabs feature (CVE-2024-6997 and 1 other) [1]
Moderate Memory Free and Reuse (UAF) vulnerability in the User education function (CVE-2024-6998 and 1 other) [1]
Vulnerability Patches
The following Vulnerability Patches were made available in the 07/23/2024 update. For more information on Vulnerability Patches, please refer to the “Google Chrome” Referenced Sites document.
Chrome 127.0.6533.72/73 and later (Windows)
Chrome 127.0.6533.72 and later (Linux)
Referenced Sites
[1] Stable Channel Update for Desktop
https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html
[2] Chrome Update
https://support.google.com/chrome/answer/95414?co=GENIE.Platform%3DDesktop
Article Link: Google Chrome browser (127.0.6533.72/73) security update advisory – ASEC