Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.2463 Stable Channel Update for Desktop 21 July 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Google Chrome Publisher: Google Operating System: Windows UNIX variants (UNIX, Linux, OSX) Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote with User Interaction Access Confidential Data -- Remote with User Interaction Reduced Security -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2021-30589 CVE-2021-30588 CVE-2021-30587 CVE-2021-30586 CVE-2021-30585 CVE-2021-30584 CVE-2021-30583 CVE-2021-30582 CVE-2021-30581 CVE-2021-30580 CVE-2021-30579 CVE-2021-30578 CVE-2021-30577 CVE-2021-30576 CVE-2021-30575 CVE-2021-30573 CVE-2021-30572 CVE-2021-30571 CVE-2021-30569 CVE-2021-30568 CVE-2021-30567 CVE-2021-30566 CVE-2021-30565 Original Bulletin: https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop_20.html - --------------------------BEGIN INCLUDED TEXT-------------------- Stable Channel Update for Desktop Tuesday, July 20, 2021 The Chrome team is delighted to announce the promotion of Chrome 92 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 92.0.4515.107 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 92. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed. This update includes 35 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$15000][1210985] High CVE-2021-30565: Out of bounds write in Tab Groups. Reported by David Erceg on 2021-05-19 [$10000][1202661] High CVE-2021-30566: Stack buffer overflow in Printing. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-04-26 [$10000][1211326] High CVE-2021-30567: Use after free in DevTools. Reported by DDV_UA on 2021-05-20 [$8500][1219886] High CVE-2021-30568: Heap buffer overflow in WebGL. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-06-15 [$500][1218707] High CVE-2021-30569: Use after free in sqlite. Reported by Chris Salls (@salls) of Makai Security on 2021-06-11 [$TBD][1101897] High CVE-2021-30571: Insufficient policy enforcement in DevTools. Reported by David Erceg on 2020-07-03 [$TBD][1214234] High CVE-2021-30572: Use after free in Autofill. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-05-28 [$TBD][1216822] High CVE-2021-30573: Use after free in GPU. Reported by Security For Everyone Team - https://securityforeveryone.com on 2021-06-06 [$TBD][1227315] High CVE-2021-30574: Use after free in protocol handling. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-07-08 [$15000][1213313] Medium CVE-2021-30575: Out of bounds read in Autofill. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-05-26 [$10000][1194896] Medium CVE-2021-30576: Use after free in DevTools. Reported by David Erceg on 2021-04-01 [$10000][1204811] Medium CVE-2021-30577: Insufficient policy enforcement in Installer. Reported by Jan van der Put (REQON B.V) on 2021-05-01 [$7500][1201074] Medium CVE-2021-30578: Uninitialized Use in Media. Reported by Chaoyuan Peng on 2021-04-21 [$7500][1207277] Medium CVE-2021-30579: Use after free in UI framework. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-05-10 [$5000][1189092] Medium CVE-2021-30580: Insufficient policy enforcement in Android intents. Reported by @retsew0x01 on 2021-03-17 [$5000][1194431] Medium CVE-2021-30581: Use after free in DevTools. Reported by David Erceg on 2021-03-31 [$5000][1205981] Medium CVE-2021-30582: Inappropriate implementation in Animation. Reported by George Liu on 2021-05-05 [$3000][1179290] Medium CVE-2021-30583: Insufficient policy enforcement in image handling on Windows. Reported by Muneaki Nishimura (nishimunea) on 2021-02-17 [$3000][1213350] Medium CVE-2021-30584: Incorrect security UI in Downloads. Reported by @retsew0x01 on 2021-05-26 [$N/A][1023503] Medium CVE-2021-30585: Use after free in sensor handling. Reported by niarci on 2019-11-11 [$TBD][1201032] Medium CVE-2021-30586: Use after free in dialog box handling on Windows. Reported by kkomdal with kkwon and neodal on 2021-04-21 [$N/A][1204347] Medium CVE-2021-30587: Inappropriate implementation in Compositing on Windows. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-04-30 [$5000][1195650] Low CVE-2021-30588: Type Confusion in V8. Reported by Jose Martinez (tr0y4) from VerSprite Inc. on 2021-04-04 [$3000][1180510] Low CVE-2021-30589: Insufficient validation of untrusted input in Sharing. Reported by Kirtikumar Anandrao Ramchandani (@Kirtikumar_A_R) and Patrick Walker (@homesen) on 2021-02-20 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. As usual, our ongoing internal security work was responsible for a wide range of fixes: * [1231294] Various fixes from internal audits, fuzzing and other initiatives Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL. Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues. Srinivas Sista Google Chrome - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYPe34ONLKJtyKPYoAQi+shAAkhQ8YQ8Sxq17Q36Yq6MBShPdFC3IWvCH yyqumFXCq8QAZ8DblbCBWrKW+W06O3mXVm3uQv//WT1ODFvueRrZwjS7hcKNXsyH FzsQcLu0/urYZdNl3CL/SZiPM59ytXhc4/snGWAdfyKPAQpJ4qPLBTHSBytfkLef W+cc5/If5O/hhyO+Ww+by+E/fk1mEEsSwWntYnVTRWRRE+EUIpqu2q/ktmCP++1d 9ubvsmgVri8F3Cf05EHpxo+8mihEbV0oFiCP/EGx5FpdoetOdN8delrGx9PK8r0T 3RG/K0sT+PEp7oKZh5yVrJH7VZAisyg9lLUD+cVMtlEyy4Lv9B9NRQ3SPPlsOXEN /QkFBCdqfGdlKbb8wqQyPOy+l7YGBOnAhWl6GArsklrWz8Bco9XQE2tUTDYWCI79 AkTzz64FtAZ0BRlQepCRDqWK9qhOV0aTMVJS1IobBF/TU8xR9KTE6xtVUed3k7J0 7bp95HvJTJEKr3bINQJAScsVQ4DYH3pXJTmIw2d/NwVkymVyDhwyYG6mVAsSKUg5 7N18JVtbQiTOKpevZQ3uld/5uMjrN/YQ3Ps3B1TfsDx8CV6osinyV/OOG4SHb9nk yMSc8B+A4NQEgqiT/QHLTGgqmPfsg3U/OMlotEUE+uqbcSpqhaWGDpAXwhU0Jy4o O303bfVErsk= =STVg -----END PGP SIGNATURE-----