17 January 2011
Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT Security Bulletin ASB-2011.0004.2 Google have released an update for Chrome, correcting several security vulnerabilities 17 January 2011 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Google Chrome prior to 8.0.552.237 Operating System: Windows Linux variants Mac OS X Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2011-0485 CVE-2011-0484 CVE-2011-0483 CVE-2011-0482 CVE-2011-0481 CVE-2011-0480 CVE-2011-0479 CVE-2011-0478 CVE-2011-0477 CVE-2011-0476 CVE-2011-0475 CVE-2011-0474 CVE-2011-0473 CVE-2011-0472 CVE-2011-0471 CVE-2011-0470 Member content until: Sunday, February 13 2011 Revision History: January 17 2011: Added CVE references January 14 2011: Initial Release OVERVIEW Google have released an update for Chrome, correcting several security vulnerabilities. IMPACT The vendor has provided the following information regarding these vulnerabilities: "*  Medium Browser crash in extensions notification handling. Credit to Eric Roman of the Chromium development community. * [$1337]  High Bad pointer handling in node iteration. Credit to Sergey Glazunov. *  High Crashes when printing multi-page PDFs. Credit to Google Chrome Security Team (Chris Evans). * [$1000]  High Stale pointer with CSS + canvas. Credit to Sergey Glazunov. * [$500]  High Stale pointer with CSS + cursors. Credit to Jan Toovsk. *  High Use after free in PDF page handling. Credit to Google Chrome Security Team (Chris Evans). * [$1000]  High Stack corruption after PDF out-of-memory condition. Credit to Jared Allar of CERT. * [$1000]  High Bad memory access with mismatched video frame sizes. Credit to Aki Helin of OUSPG; plus independent discovery by Google Chrome Security Team (SkyLined) and David Warren of CERT. * [$500]  High Stale pointer with SVG use element. Credited anonymously; plus indepdent discovery by miaubiz. * [$1000]  Medium Uninitialized pointer in the browser triggered by rogue extension. Credit to kuzzcc. * [$1000]  High Vorbis decoder buffer overflows. Credit to David Warren of CERT. * [$1000]  High Buffer overflow in PDF shading. Credit to Aki Helin of OUSPG. * [$1000]  High Bad cast in anchor handling. Credit to Sergey Glazunov. * [$1000]  High Bad cast in video handling. Credit to Sergey Glazunov. * [$1000]  High Stale rendering node after DOM node removal. Credit to Martin Barbella; plus independent discovery by Google Chrome Security Team (SkyLined). * [$3133.7]  Critical Stale pointer in speech handling. Credit to Sergey Glazunov."  MITIGATION The latest version of Google Chrome (currently 8.0.552.237) can be downloaded from the vendor's website.  The update can also be applied from within Google Chrome using the built in update feature. REFERENCES  Chrome Stable Release http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: email@example.com Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iD8DBQFNM4d4/iFOrG6YcBERAvdmAKDIYCrvr7kgFwcetI85OfO6BdXuXACggfRh G2qUdLEU5ggeC/iz3d3G/Uo= =u/pQ -----END PGP SIGNATURE-----