-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2017.0024
      Multiple vulnerabilities have been identified in Google Chrome
                               10 March 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Google Chrome
Operating System:     Windows
                      OS X
                      Linux variants
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Denial of Service               -- Remote with User Interaction
                      Provide Misleading Information  -- Remote with User Interaction
                      Access Confidential Data        -- Remote with User Interaction
                      Reduced Security                -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2017-5046 CVE-2017-5045 CVE-2017-5044
                      CVE-2017-5043 CVE-2017-5042 CVE-2017-5041
                      CVE-2017-5040 CVE-2017-5039 CVE-2017-5038
                      CVE-2017-5037 CVE-2017-5036 CVE-2017-5035
                      CVE-2017-5034 CVE-2017-5033 CVE-2017-5032
                      CVE-2017-5031 CVE-2017-5030 CVE-2017-5029
Member content until: Sunday, April  9 2017

OVERVIEW

        Multiple vulnerabilities have been identified in Google Chrome prior
        to version 57.0.2987.98 [1]


IMPACT

        The vendor has provided the following details regarding the 
        vulnerabilities:
        
        "This update includes 36 security fixes. Below, we highlight fixes
        that were contributed by external researchers. Please see the Chrome
        Security Page for more information.
        
        [$7500][682194] High CVE-2017-5030: Memory corruption in V8. Credit
        to Brendon Tiszka
        
        [$5000][682020] High CVE-2017-5031: Use after free in ANGLE. Credit
        to Looben Yang
        
        [$3000][668724] High CVE-2017-5032: Out of bounds write in PDFium. 
        Credit to Ashfaq Ansari - Project Srishti
        
        [$3000][676623] High CVE-2017-5029: Integer overflow in libxslt. 
        Credit to Holger Fuhrmannek
        
        [$3000][678461] High CVE-2017-5034: Use after free in PDFium. Credit
        to Ke Liu of Tencent's Xuanwu LAB
        
        [$3000][688425] High CVE-2017-5035: Incorrect security UI in 
        Omnibox. Credit to Enzo Aguado
        
        [$3000][691371] High CVE-2017-5036: Use after free in PDFium. Credit
        to Anonymous
        
        [$1000][679640] High CVE-2017-5037: Multiple out of bounds writes in
        ChunkDemuxer. Credit to Yongke Wang of Tencent's Xuanwu Lab 
        (xlab.tencent.com)
        
        [$500][679649] High CVE-2017-5039: Use after free in PDFium. Credit
        to jinmo123
        
        [$2000][691323] Medium CVE-2017-5040: Information disclosure in V8.
        Credit to Choongwoo Han
        
        [$1000][642490] Medium CVE-2017-5041: Address spoofing in Omnibox. 
        Credit to Jordi Chancel
        
        [$1000][669086] Medium CVE-2017-5033: Bypass of Content Security 
        Policy in Blink. Credit to Nicolai Grødum
        
        [$1000][671932] Medium CVE-2017-5042: Incorrect handling of cookies
        in Cast. Credit to Mike Ruddy
        
        [$1000][695476] Medium CVE-2017-5038: Use after free in GuestView. 
        Credit to Anonymous
        
        [$1000][683523] Medium CVE-2017-5043: Use after free in GuestView. 
        Credit to Anonymous
        
        [$1000][688987] Medium CVE-2017-5044: Heap overflow in Skia. Credit
        to Kushal Arvind Shah of Fortinet's FortiGuard Labs
        
        [$500][667079] Medium CVE-2017-5045: Information disclosure in XSS 
        Auditor. Credit to Dhaval Kapil (vampire)
        
        [$500][680409] Medium CVE-2017-5046: Information disclosure in 
        Blink. Credit to Masato Kinugawa
        
        We would also like to thank all security researchers that worked 
        with us during the development cycle to prevent security bugs from 
        ever reaching the stable channel.
        
        As usual, our ongoing internal security work was responsible for a 
        wide range of fixes:
        
        [699618] Various fixes from internal audits, fuzzing and other 
        initiatives
        
        Many of our security bugs are detected using AddressSanitizer, 
        MemorySanitizer, Control Flow Integrity, or libFuzzer." [1]


MITIGATION

        The vendor advises users to upgrade to the latest version to fix 
        these issues. [1]


REFERENCES

        [1] Stable Channel Update for Desktop
            https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWMJLD4x+lLeg9Ub1AQgRYA//Z65IJSHq574D2T9ZV/CaMLvtGdKWOzRW
sOWmUhz4Chdiv7IrXIT4RRrnWvGop6ZxmHV4GeI7nJk/QVmRDgKvORDimZVy9UeS
0aRBjYmlDdX+d8wzLo1/roshZBMKef4WKhP6iByx5d+saDx81Ye1O7at4zqsEN9k
grqYBEErb68kIP3shySiSVhq4znryzuMLoEC+12P+efYHHD81LPEqgWm/P9pRgf1
eHx0utPHqniPGaobin3SHrEo4KeakwetDUnYdGsc4gisp4nPtET7YLsIkejac34P
owf03EqfkJKKdgJu0aOev37J5JuU51wGX7/F8uLKtTfsLcqUV+3g+GXu+QFn+XJs
v3MhF4jW3xSfxh0vNATEllQZgY4gYf3QA+bewqqRNIBu0tLjCb9V7eMHZcr0Xd/+
FkifIC7HJfLPc9vZTa8Lq/B8oE+mMbHG8A7NILuQ4vQjwMj6R5juPbtMcCPxDGc1
vIVZz4AADeAQ1ZsuTme383jllvAPV84BjgPL4RUQgIUFppccFzARX2kW/5cOcFGM
n42Mj7SNX5N4fs7iU90n8eQeenL0FcVL5NTJuOorZpAqIgOZ2dhV60rLEU18Rwno
svCgvrXFFbbVwFiM7x8VhUEKPJseFQPr+OhG7ZcnXegeaX7aHLSgkoJ+zDU+z3xz
V6QlAX6J/U0=
=oOc6
-----END PGP SIGNATURE-----