Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2018.0185 Chrome Stable Channel Update for Desktop 68.0.3440.75 25 July 2018 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Google Chrome Operating System: UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Increased Privileges -- Remote with User Interaction Denial of Service -- Remote with User Interaction Provide Misleading Information -- Remote with User Interaction Access Confidential Data -- Remote with User Interaction Reduced Security -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2018-6179 CVE-2018-6178 CVE-2018-6177 CVE-2018-6176 CVE-2018-6175 CVE-2018-6174 CVE-2018-6173 CVE-2018-6172 CVE-2018-6171 CVE-2018-6170 CVE-2018-6169 CVE-2018-6168 CVE-2018-6167 CVE-2018-6166 CVE-2018-6165 CVE-2018-6164 CVE-2018-6163 CVE-2018-6162 CVE-2018-6161 CVE-2018-6160 CVE-2018-6159 CVE-2018-6158 CVE-2018-6157 CVE-2018-6156 CVE-2018-6155 CVE-2018-6154 CVE-2018-6153 CVE-2018-6044 CVE-2018-4117 Member content until: Friday, August 24 2018 Reference: ESB-2018.1327 ESB-2018.0970 ESB-2018.0964 ESB-2018.0963 OVERVIEW Multiple vulnerabilities have been addressed in Google Chrome for Windows, Mac and Linux version 68.0.3440.75 [1] IMPACT The vendor has provided the following summary: "[$5000][850350] High CVE-2018-6153: Stack buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2018-06-07 [$3000][848914] High CVE-2018-6154: Heap buffer overflow in WebGL. Reported by Omair on 2018-06-01 [$N/A][842265] High CVE-2018-6155: Use after free in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2018-05-11 [$N/A][841962] High CVE-2018-6156: Heap buffer overflow in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2018-05-10 [$N/A][840536] High CVE-2018-6157: Type confusion in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2018-05-07 [$2000][841280] Medium CVE-2018-6158: Use after free in Blink. Reported by Zhe Jin & Luyao Liu from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-05-09 [$2000][837275] Medium CVE-2018-6159: Same origin policy bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-04-26 [$1000][839822] Medium CVE-2018-6160: URL spoof in Chrome on iOS. Reported by evi1m0 of Bilibili Security Team on 2018-05-04 [$1000][826552] Medium CVE-2018-6161: Same origin policy bypass in WebAudio. Reported by Jun Kokatsu (@shhnjk) on 2018-03-27 [$1000][804123] Medium CVE-2018-6162: Heap buffer overflow in WebGL. Reported by Omair on 2018-01-21 [$500][849398] Medium CVE-2018-6163: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-06-04 [$500][848786] Medium CVE-2018-6164: Same origin policy bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-06-01 [$500][847718] Medium CVE-2018-6165: URL spoof in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-05-30 [$500][835554] Medium CVE-2018-6166: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-04-21 [$500][833143] Medium CVE-2018-6167: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-04-15 [$500][828265] Medium CVE-2018-6168: CORS bypass in Blink. Reported by Gunes Acar and Danny Y. Huang of Princeton University, Frank Li of UC Berkeley on 2018-04-03 [$500][394518] Medium CVE-2018-6169: Permissions bypass in extension installation . Reported by Sam P on 2014-07-16 [$TBD][862059] Medium CVE-2018-6170: Type confusion in PDFium. Reported by Anonymous on 2018-07-10 [$TBD][851799] Medium CVE-2018-6171: Use after free in WebBluetooth. Reported by amazon@mimetics.ca on 2018-06-12 [$TBD][847242] Medium CVE-2018-6172: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-05-28 [$TBD][836885] Medium CVE-2018-6173: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-04-25 [$N/A][835299] Medium CVE-2018-6174: Integer overflow in SwiftShader. Reported by Mark Brand of Google Project Zero on 2018-04-20 [$TBD][826019] Medium CVE-2018-6175: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-03-26 [$N/A][666824] Medium CVE-2018-6176: Local user privilege escalation in Extensions. Reported by Jann Horn of Google Project Zero on 2016-11-18 [$500][826187] Low CVE-2018-6177: Cross origin information leak in Blink. Reported by Ron Masas (Imperva) on 2018-03-27 [$500][823194] Low CVE-2018-6178: UI spoof in Extensions. Reported by Khalil Zhani on 2018-03-19 [$500][816685] Low CVE-2018-6179: Local file information leak in Extensions. Reported by Anonymous on 2018-02-26 [$500][797461] Low CVE-2018-6044: Request privilege escalation in Extensions . Reported by Rob Wu on 2017-12-23 [$500][791324] Low CVE-2018-4117: Cross origin information leak in Blink. Reported by AhsanEjaz - @AhsanEjazA on 2017-12-03" [1] MITIGATION The vendor advises updating to Chrome 68.0.3440.75 to address these issues. [1] REFERENCES [1] Chrome Releases: Stable Channel Update for Desktop https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBW1f542aOgq3Tt24GAQgwVw//ejgDkibHPQ7DMn+XKY9qvfMQhWyV+aia 444IE82Ke1BkpegCxO8wBBxMthxCIkACzW3uiJUkURVAXc7/kzhd/UJ2QI5n6pvP FFsO+Q0T+yfOYGYqalfQnBEV5rWRLi11QQkXjZfhftGXr7e6R+I0V1JShWQROzXA JGguhvBETkbTZeErRAMxPZpeG4sEyp+imSHOzlV3JHlEs7LHUqaZDtnvGGJCMC9+ 65bdLm9S/T8mcG5wMr5N1Ry3rI7rvWp4/JO+ljcBRnFe7Cu4/GsZIov1/xU+y34r UozkhEb9t0hMsuN4bRShN/VBYay9a5mup5r9VP+eEi4sC2C6Bdahuotz8K1cslGm RQD6NVBnQOme4qwVMbsmw/qXIQB0XkZTMmZdTo5VORMg9U7dua66XxOVAWgpObI5 RMhQBIbeH8rI+Shu1AnTg9J5fwsMVDSUkvSlqj+g8LdhhueHJN17iz4pQ1jtq4Nb Ljp1W/tqmUSJnLaUsE8/92qpEZUVqNz2P0vPqDN5dcbh4mvXcWFR20LpZCzXutaU sFupM2nN6TD8+Szo/AqQ93bnqOYTvK9nTj3eZxPHLQlY4++MwAvnedNQjnAT8trH ge8anHm6638XcMym1YG1/Xkk1hSK1fj4s4LX8XRxdmcHPdHKyo/vawIF2RY69vHr TjuteWZrEss= =Qg4k -----END PGP SIGNATURE-----