Google Fixes 159 Flaws in Chrome

Google updates its Chrome browser on a very aggressive timeline, often a couple of times a month. Usually, each update includes a handful of security fixes, maybe 12 or 15. On Tuesday, the company released Chrome 38, which patched a staggering 159 vulnerabilities.

The huge majority of those patches–113 of them–fix minor vulnerabilities in the browser, but Google also fixed several high-risk flaws and one critical bug that earned the researcher who reported it a reward of more than $27,000. That reward is for a combination of vulnerabilities in the V8 engine and IPC that can enable an attacker to escape the Chrome sandbox and execute arbitrary code. Researcher Juri Aedla received a reward of $27,633.70 for reporting that series of flaws to Google.

In all, Google awarded more than $52,000 in rewards to researchers who reported vulnerabilities fixed in this release. Among the vulnerabilities that Google patched are four use-after-free flaws rated as high risks. There are two other high-risk vulnerabilities, as well as four medium-rated ones and low-risk flaw. Here’s the full list of bugs fixed in Chrome 38:

[$27633.70][416449] Critical CVE-2014-3188: A special thanks to Jüri Aedla for a combination of V8 and IPC bugs that can lead to remote code execution outside of the sandbox.
[$3000][398384] High CVE-2014-3189: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
[$3000][400476] High CVE-2014-3190: Use-after-free in Events. Credit to cloudfuzzer.
[$3000][402407] High CVE-2014-3191: Use-after-free in Rendering. Credit to cloudfuzzer.
[$2000][403276] High CVE-2014-3192: Use-after-free in DOM. Credit to cloudfuzzer.
[$1500][399655] High CVE-2014-3193: Type confusion in Session Management. Credit to miaubiz.
[$1500][401115] High CVE-2014-3194: Use-after-free in Web Workers. Credit to Collin Payne.
[$4500][403409] Medium CVE-2014-3195: Information Leak in V8. Credit to Jüri Aedla.
[$3000][338538] Medium CVE-2014-3196: Permissions bypass in Windows Sandbox. Credit to James Forshaw.
[$1500][396544] Medium CVE-2014-3197: Information Leak in XSS Auditor. Credit to Takeshi Terada.
[$1500][415307] Medium CVE-2014-3198: Out-of-bounds read in PDFium. Credit to Atte Kettunen of OUSPG.
[$500][395411] Low CVE-2014-3199: Release Assert in V8 bindings. Credit to Collin Payne.

Suggested articles

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.

ACCEPT AND CLOSE