Overview
Google has released an update to address a vulnerability in the Chrome(https://www.google.com/chrome) browser. Users of affected versions are advised to update to the latest version.
Affected Products
Chrome version prior to 127.0.6533.99 (Linux)
Chrome version prior to 127.0.6533.99/.100 (Windows, Mac)
Resolved Vulnerabilities
Memory access out of scope in ANGLE in Google Chrome allows remote attackers to potentially exploit heap corruption via crafted HTML pages (CVE-2024-7532)
Vulnerability in Google Chrome via Free to Share, potentially allowing remote attackers to exploit heap corruption via crafted HTML pages (CVE-2024-7533)
Vulnerability in Google Chrome due to type confusion in V8 that could potentially allow remote attackers to exploit heap corruption via crafted HTML pages (CVE-2024-7550)
Heap buffer overflow in layout in Google Chrome that could potentially allow remote attackers to exploit heap corruption via crafted HTML pages (CVE-2024-7534)
Vulnerability in Google Chrome due to improper implementation of V8 that could potentially allow remote attackers to exploit heap corruption via crafted HTML pages (CVE-2024-7535)
Vulnerability in WebAudio in Google Chrome via disabling after use, potentially allowing remote attackers to exploit heap corruption via crafted HTML pages (CVE-2024-7536)
Vulnerability Patches
The following Vulnerability Patches were made available in the 08/06/2024 update. For more information on Vulnerability Patches, please refer to the “Google Chrome” Referenced Sites documentation.
Chrome 127.0.6533.99 or later version (Linux)
Chrome 127.0.6533.99/.100 or later version (Windows, Mac)
Referenced Sites
[1] Stable Channel Update for Desktop
https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html
[2] Chrome Update
https://support.google.com/chrome/answer/95414?co=GENIE.Platform%3DDesktop
Article Link: Google Chrome Browser (127.0.6533.99/.100) Security Update Advisory – ASEC