Google Chrome Browser (127.0.6533.99/.100) Security Update Advisory

Overview

Google has released an update to address a vulnerability in the Chrome(https://www.google.com/chrome) browser. Users of affected versions are advised to update to the latest version.

 

Affected Products

Chrome version prior to 127.0.6533.99 (Linux)
Chrome version prior to 127.0.6533.99/.100 (Windows, Mac)

 

Resolved Vulnerabilities

Memory access out of scope in ANGLE in Google Chrome allows remote attackers to potentially exploit heap corruption via crafted HTML pages (CVE-2024-7532)
Vulnerability in Google Chrome via Free to Share, potentially allowing remote attackers to exploit heap corruption via crafted HTML pages (CVE-2024-7533)
Vulnerability in Google Chrome due to type confusion in V8 that could potentially allow remote attackers to exploit heap corruption via crafted HTML pages (CVE-2024-7550)
Heap buffer overflow in layout in Google Chrome that could potentially allow remote attackers to exploit heap corruption via crafted HTML pages (CVE-2024-7534)
Vulnerability in Google Chrome due to improper implementation of V8 that could potentially allow remote attackers to exploit heap corruption via crafted HTML pages (CVE-2024-7535)
Vulnerability in WebAudio in Google Chrome via disabling after use, potentially allowing remote attackers to exploit heap corruption via crafted HTML pages (CVE-2024-7536)

 

Vulnerability Patches

The following Vulnerability Patches were made available in the 08/06/2024 update. For more information on Vulnerability Patches, please refer to the “Google Chrome” Referenced Sites documentation.

 

Chrome 127.0.6533.99 or later version (Linux)
Chrome 127.0.6533.99/.100 or later version (Windows, Mac)

 

Referenced Sites

[1] Stable Channel Update for Desktop

https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html

[2] Chrome Update

https://support.google.com/chrome/answer/95414?co=GENIE.Platform%3DDesktop

Article Link: Google Chrome Browser (127.0.6533.99/.100) Security Update Advisory – ASEC