Chrome 25 Fixes Nine High-Risk Vulnerabilities

Google has fixed nine high-severity vulnerabilities in its Chrome browser, as well as a dozen other flaws with the release of Chrome 25. This release is one of the few for which the company did not pay out much in the way of bug bounties, only giving out $3,500.In Chrome 25 Google also disabled the MathML implementation in the browser, fixing what the company said is a serious security problem.

Chrome patchGoogle has fixed nine high-severity vulnerabilities in its Chrome browser, as well as a dozen other flaws with the release of Chrome 25. This release is one of the few for which the company did not pay out much in the way of bug bounties, only giving out $3,500.

In Chrome 25 Google also disabled the MathML implementation in the browser, fixing what the company said is a serious security problem.

“We’ve also resolved a high severity security issue by disabling MathML in this release. The WebKit MathML implementation isn’t quite ready for prime time yet but we are excited to enable it again in a future release once the security issues have been addressed,” Jason Kersey of Google said.

In addition to that fix and the patches for nine high-risk security bugs, Google also repaired 12 other vulnerabilities. The full list of vulnerabilities fixed in Chrome 25:

  • [$1000] [172243High CVE-2013-0879: Memory corruption with web audio node. Credit to Atte Kettunen of OUSPG.
  • [$1000] [171951High CVE-2013-0880: Use-after-free in database handling. Credit to Chamal de Silva.
  • [$500] [167069Medium CVE-2013-0881: Bad read in Matroska handling. Credit to Atte Kettunen of OUSPG.
  • [$500] [165432High CVE-2013-0882: Bad memory access with excessive SVG parameters. Credit to Renata Hodovan.
  • [$500] [142169Medium CVE-2013-0883: Bad read in Skia. Credit to Atte Kettunen of OUSPG.
  • [172984Low CVE-2013-0884: Inappropriate load of NaCl. Credit to Google Chrome Security Team (Chris Evans).
  • [172369Medium CVE-2013-0885: Too many API permissions granted to web store.
  • [Mac only] [171569Medium CVE-2013-0886: Incorrect NaCl signal handling. Credit to Mark Seaborn of the Chromium development community.
  • [171065] [170836Low CVE-2013-0887: Developer tools process has too many permissions and places too much trust in the connected server.
  • [170666Medium CVE-2013-0888: Out-of-bounds read in Skia. Credit to Google Chrome Security Team (Inferno).
  • [170569Low CVE-2013-0889: Tighten user gesture check for dangerous file downloads.
  • [169973] [169966High CVE-2013-0890: Memory safety issues across the IPC layer. Credit to Google Chrome Security Team (Chris Evans).
  • [169685High CVE-2013-0891: Integer overflow in blob handling. Credit to Google Chrome Security Team (Jüri Aedla).
  • [169295] [168710] [166493] [165836] [165747] [164958] [164946Medium CVE-2013-0892: Lower severity issues across the IPC layer. Credit to Google Chrome Security Team (Chris Evans).
  • [168570Medium CVE-2013-0893: Race condition in media handling. Credit to Andrew Scherkus of the Chromium development community.
  • [168473High CVE-2013-0894: Buffer overflow in vorbis decoding. Credit to Google Chrome Security Team (Inferno).
  • [Linux / Mac] [167840High CVE-2013-0895: Incorrect path handling in file copying. Credit to Google Chrome Security Team (Jüri Aedla).
  • [166708High CVE-2013-0896: Memory management issues in plug-in message handling. Credit to Google Chrome Security Team (Cris Neckar).
  • [165537Low CVE-2013-0897: Off-by-one read in PDF. Credit to Mateusz Jurczyk, with contributions by Gynvael Coldwind, both from Google Security Team.
  • [164643High CVE-2013-0898: Use-after-free in URL handling. Credit to Alexander Potapenko of the Chromium development community.
  • [160480Low CVE-2013-0899: Integer overflow in Opus handling. Credit to Google Chrome Security Team (Jüri Aedla).
  • [152442Medium CVE-2013-0900: Race condition in ICU. Credit to Google Chrome Security Team (Inferno).

Suggested articles

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.