26 July 2017
Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2017.0124 Multiple vulnerabilities have been identified in Google Chrome 26 July 2017 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Google Chrome Operating System: Windows Linux variants OS X Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote with User Interaction Provide Misleading Information -- Remote with User Interaction Access Confidential Data -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2017-7000 CVE-2017-5110 CVE-2017-5109 CVE-2017-5108 CVE-2017-5107 CVE-2017-5106 CVE-2017-5105 CVE-2017-5104 CVE-2017-5103 CVE-2017-5102 CVE-2017-5101 CVE-2017-5100 CVE-2017-5099 CVE-2017-5098 CVE-2017-5097 CVE-2017-5096 CVE-2017-5095 CVE-2017-5094 CVE-2017-5093 CVE-2017-5092 CVE-2017-5091 Member content until: Friday, August 25 2017 OVERVIEW 40 vulnerabilities have been identified in Google Chrome prior to version 60.0.3112.78 for Windows, Mac, and Linux.  IMPACT Google has provided the following information concerning the vulnerabilities: "This update includes 40 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$10000] High CVE-2017-5091: Use after free in IndexedDB. Reported by Ned Williamson on 2017-06-02 [$5000] High CVE-2017-5092: Use after free in PPAPI. Reported by Yu Zhou, Yuan Deng of Ant-financial Light-Year Security Lab on 2017-06-15 [$3000] High CVE-2017-5093: UI spoofing in Blink. Reported by Luan Herrera on 2015-10-31 [$1000] High CVE-2017-5094: Type confusion in extensions. Reported by Anonymous on 2017-03-19 [$1000] High CVE-2017-5095: Out-of-bounds write in PDFium. Reported by Anonymous on 2017-06-13 [$TBD] High CVE-2017-5096: User information leak via Android intents. Reported by Takeshi Terada on 2017-04-23 [$TBD] High CVE-2017-5097: Out-of-bounds read in Skia. Reported by Anonymous on 2017-07-11 [$TBD] High CVE-2017-5098: Use after free in V8. Reported by Jihoon Kim on 2017-07-11 [$N/A] High CVE-2017-5099: Out-of-bounds write in PPAPI. Reported by Yuan Deng, Yu Zhou of Ant-financial Light-Year Security Lab on 2017-06-15 [$2000] Medium CVE-2017-5100: Use after free in Chrome Apps. Reported by Anonymous on 2017-05-04 [$1000] Medium CVE-2017-5101: URL spoofing in OmniBox. Reported by Luan Herrera on 2017-01-17 [$1000] Medium CVE-2017-5102: Uninitialized use in Skia. Reported by Anonymous on 2017-05-30 [$500] Medium CVE-2017-5103: Uninitialized use in Skia. Reported by Anonymous on 2017-05-25 [$500] Medium CVE-2017-5104: UI spoofing in browser. Reported by Khalil Zhani on 2017-06-02 [$N/A] Medium CVE-2017-7000: Pointer disclosure in SQLite. Reported by Chaitin Security Research Lab (@ChaitinTech) working with Trend Micro's Zero Day Initiative [$1000] Low CVE-2017-5105: URL spoofing in OmniBox. Reported by Rayyan Bijoora on 2017-06-06 [$TBD] Medium CVE-2017-5106: URL spoofing in OmniBox. Reported by Jack Zac on 2017-04-24 [$N/A] Low CVE-2017-5107: User information leak via SVG. Reported by David Kohlbrenner of UC San Diego on 2017-01-27 [$N/A] Low CVE-2017-5108: Type confusion in PDFium. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2017-02-24 [$N/A] Low CVE-2017-5109: UI spoofing in browser. Reported by JosÃ© MarÃa AcuÃ±a Morgado on 2017-04-11 [$N/A] Low CVE-2017-5110: UI spoofing in payments dialog. Reported by xisigr of Tencent's Xuanwu Lab on 2017-05-02 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. As usual, our ongoing internal security work was responsible for a wide range of fixes:  Various fixes from internal audits, fuzzing and other initiatives Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer or AFL."  MITIGATION Google advises users to upgrade to the latest version to fix these issues.  REFERENCES  Stable Channel Update for Desktop https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: firstname.lastname@example.org Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBWXgnBox+lLeg9Ub1AQhFJQ/+Ogfz8tdamfCqLXGFhoJ0XPTTjmllaR85 9iO1htKwTtlm1B7SXljY7bovVpMfHf8KaTexgxmgy3EOOUg1l1MKGynr3ay252gt wXTNTuL1rG/p5s9IDBw8IqD6MSiFFIZPAv/2ISenhWO5Khx316SvlAV/Kr4p6Ibh 2dNtiGYur+8Yiw9OkOZkoqdC/U+67yh+98k0Z/yObdlKDZnSf5H7ktD7zMiK/XTi B+aY2IL+Y39VlCPW7lU3ufAcBnS+563qVtQa4lI5UiwVcdW4t93P1r4jwovCtEsP vSSN/0F+wZAqHQfFqSNpZcXO5eRjG12JxpR/Y+6jtJ86XWBvczqGhPmE4OL5X9b5 goCsvKEFA/5MpVuPHqHpXfn0xsmgXLqYMvLaEUhP7rGTiUU2gN2EpDirh+6HrXFn O9yu9VIrWSA5lHJUptTIGo3jRzmO14yaXnsGfby9X5nIMUNUfU/r4caKCClJeRP2 PITmoVjR0SvLvUS5xbgCOm4Q273Vi34ECYx8GJqWVbkrM8W2R8bZTlL8aGajHHP+ C4pqKVuF/p8QcCU9lPBL9610TeBiNpEdY0VaX/1N7dCpnnYaVqXo+yBADHlAQKOb 48M0NXBb/ZAWWhe1v2BfVrZZsRdcXzXQ+rC2+j0CANUKjiPhUVgsQIf72MBdvpDD oU3tL8JC55g= =eXz3 -----END PGP SIGNATURE-----