Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2018.0210 Multiple vulnerabilities have been addressed in Google Chrome 7 September 2018 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Google Chrome Operating System: Windows UNIX variants (UNIX, Linux, OSX) Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote with User Interaction Provide Misleading Information -- Remote with User Interaction Access Confidential Data -- Remote with User Interaction Reduced Security -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2018-16088 CVE-2018-16087 CVE-2018-16086 CVE-2018-16085 CVE-2018-16084 CVE-2018-16083 CVE-2018-16082 CVE-2018-16081 CVE-2018-16080 CVE-2018-16079 CVE-2018-16078 CVE-2018-16077 CVE-2018-16076 CVE-2018-16075 CVE-2018-16074 CVE-2018-16073 CVE-2018-16072 CVE-2018-16071 CVE-2018-16070 CVE-2018-16069 CVE-2018-16068 CVE-2018-16067 CVE-2018-16066 CVE-2018-16065 Member content until: Sunday, October 7 2018 OVERVIEW Multiple vulnerabilities have been addressed in Google Chrome for Windows, Mac and Linux version 69.0.3497.8 [1] IMPACT The vendor has provided the following summary: "This update includes 40 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$5000][867776] High CVE-2018-16065: Out of bounds write in V8. Reported by Brendon Tiszka on 2018-07-26 [$3000][847570] High CVE-2018-16066:Out of bounds read in Blink. Reported by cloudfuzzer on 2018-05-29 [$500][860522] High CVE-2018-16067: Out of bounds read in WebAudio. Reported by Zhe Jin Luyao Liu from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-07-05 [N/A][877182] High CVE-2018-16068: Out of bounds write in Mojo. Reported by Mark Brand of Google Project Zero on 2018-08-23 [N/A][848238] High CVE-2018-16069:Out of bounds read in SwiftShader. Reported by Mark Brand of Google Project Zero on 2018-05-31 [N/A][848716] High CVE-2018-16070: Integer overflow in Skia. Reported by Ivan Fratric of Google Project Zero on 2018-06-01 [N/A][855211] High CVE-2018-16071: Use after free in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2018-06-21 [$4000][864283] Medium CVE-2018-16072: Cross origin pixel leak in Chrome's interaction with Android's MediaPlayer. Reported by Jun Kokatsu (@shhnjk) on 2018-07-17 [$3000][863069] Medium CVE-2018-16073: Site Isolation bypass after tab restore. Reported by Jun Kokatsu (@shhnjk) on 2018-07-12 [$3000][863623] Medium CVE-2018-16074: Site Isolation bypass using Blob URLS. Reported by Jun Kokatsu (@shhnjk) on 2018-07-13 [$2500][864932] Medium: Out of bounds read in Little-CMS. Reported by Quang Nguyễn (@quangnh89) of Viettel Cyber Security on 2018-07-18 [$2000][788936] Medium CVE-2018-16075: Local file access in Blink. Reported by Pepe Vila (@cgvwzq) on 2017-11-27 [$2000][867501] Medium CVE-2018-16076: Out of bounds read in PDFium. Reported by Aleksandar Nikolic of Cisco Talos on 2018-07-25 [$2000][848123] Medium: Cross origin read. Reported by Luan Herrera (@lbherrera_) on 2018-05-31 [848535] Low CVE-2018-16087: Multiple download restriction bypass. [848531] Low CVE-2018-16088: User gesture requirement bypass. [$1000][377995] Medium CVE-2018-16077: Content security policy bypass in Blink. Reported by Manuel Caballero on 2014-05-27 [$1000][858820] Medium CVE-2018-16078: Credit card information leak in Autofill. Reported by Cailan Sacks on 2018-06-28 [$500][723503] Medium CVE-2018-16079: URL spoof in permission dialogs. Reported by Markus Vervier and Michele Orrù (antisnatchor) on 2017-05-17 [$500][858929] Medium CVE-2018-16080: URL spoof in full screen mode. Reported by Khalil Zhani on 2018-06-29 [N/A][666299] Medium CVE-2018-16081: Local file access in DevTools. Reported by Jann Horn of Google Project Zero on 2016-11-17 [N/A][851398] Medium CVE-2018-16082: Stack buffer overflow in SwiftShader. Reported by Omair on 2018-06-11 [N/A][856823] Medium CVE-2018-16083: Out of bounds read in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2018-06-26 [$1000][865202] Low CVE-2018-16084: User confirmation bypass in external protocol handling. Reported by Jun Kokatsu (@shhnjk) on 2018-07-18 [$500][844428] Low CVE-2018-16086: Script injection in New Tab Page. Reported by Alexander Shutov (Dark Reader extension) on 2018-05-18 [N/A][856578] Low CVE-2018-16085: Use after free in Memory Instrumentation. Reported by Roman Kuksin of Yandex on 2018-06-26" [1] MITIGATION The vendor advises updating to Chrome 69.0.3497.8 to address these issues. [1] REFERENCES [1] Stable Channel Update for Desktop https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop.html AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBW5IZHWaOgq3Tt24GAQgmGxAAmZSVBtAbinuXIk+KwQq0RHi4gzaWmNFX bW+FYLzO3ECydDHjgxlDiqS1Q0gDaxvJk6metbXk7qFZKL1WdsKzdzeuSk4AzcYY neFAV8ER7zRzmSytCBHSFdf1oeCglyRBdaT9mUZQ1vkvpKXpwE7Yvld670cG1+q2 G/fBsViBDfJQR+tdyBz0V/i09orf9SmDGTaJ4uiWZlO8U4XQZtYLsceHJIsBykHi 0fAn1XJIW2CeRGNu6nQVuhNeKjrQI/0idxECFym2Mpu64RcgZaRj+NqFOjkd6ewa N2lKF54R4l6mCXd24ru2c3wz6yOXndOEdpb0rxa0MBnjOBoHaoYYqSSMxBADTwpb v6Qtvpn5xNKa/cA31V6OvTRqFxIaKcfJgrlDTaTOL2icJSrkwJM11iIZgpA5lOpM n+bRitke1huJGQPSV1pJ/lStrGler48q/EtOw7BPMyc+AaRuvLXMdXGJjaZKsoZR vUnxJoQZEoRtZK+ZPRvqzCfE/NxEoWLngdRiWb4/MjKGWI6PzJ1Z7AM8xhcxPFfF 9CT7OKI0DTH7Y+bkfO/tSHb6H6v4yQbrItqP10g4+KDOPTW0Zb4YKE8eyBD2t1Kn sjRRkfW21vG9/ClLy/PSo6TOG9MvXE2oBwl4yrnPLxZtsk0/f/mDYqJr3k2VZNOg UUhB/k2KqIg= =PfPY -----END PGP SIGNATURE-----