Google Chrome Multiple Vulnerabilities
RISK: Extremely High Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, security restriction bypass and sensitive information disclosure on the targeted system.
Notes:
CVE-2024-7971 is being exploited in the wild. The vulnerability is caused by a type confusion weakness in the Chrome V8 JavaScript engine and can lead to remote code execution on targeted device.
CVE-2024-7965 is being exploited in the wild. The vulnerability allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
[Updated on 2024-08-28]
Updated Description.
Impact
- Denial of Service
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Google Chrome prior to 128.0.6613.84 (Linux)
- Google Chrome prior to 128.0.6613.84/.85 (Mac)
- Google Chrome prior to 128.0.6613.84/.85 (Windows)
Solutions
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
- Update to version 128.0.6613.84 (Linux) or later
- Update to version 128.0.6613.84/.85 (Mac) or later
- Update to version 128.0.6613.84/.85 (Windows) or later
Vulnerability Identifier
- CVE-2024-7964
- CVE-2024-7965
- CVE-2024-7966
- CVE-2024-7967
- CVE-2024-7968
- CVE-2024-7969
- CVE-2024-7971
- CVE-2024-7972
- CVE-2024-7973
- CVE-2024-7974
- CVE-2024-7975
- CVE-2024-7976
- CVE-2024-7977
- CVE-2024-7978
- CVE-2024-7979
- CVE-2024-7980
- CVE-2024-7981
- CVE-2024-8033
- CVE-2024-8034
- CVE-2024-8035
Source
Related Link
Related Tags
Share with