Google Fixes Serious Flaws in Chrome, Including Critical Safe Browsing Bug

Google has fixed several serious vulnerabilities in its Chrome browser, including a critical use-after-free flaw in the Safe Browsing navigation. The company paid out its highest bug bounty of $3133.70 for that bug.

Google has fixed several serious vulnerabilities in its Chrome browser, including a critical use-after-free flaw in the Safe Browsing navigation. The company paid out its highest bug bounty of $3133.70 for that bug.

Among the other vulnerabilities Google fixed were four high-severity ones, including two other use-after-free vulnerabilities. Three of those other flaws earned $1,000 rewards for the researchers who reported them. The other one was reported through TippingPoint’s Zero Day Initiative.

The full list of vulnerabilities fixed in Chrome 16.0.912.77 includes:

  • [$1000] [106484] High CVE-2011-3924: Use-after-free in DOM selections. Credit to Arthur Gerkis.
  • [$3133.7] [107182] Critical CVE-2011-3925: Use-after-free in Safe Browsing navigation. Credit to Chamal de Silva. *
  • [108461] High CVE-2011-3928: Use-after-free in DOM handling. Credit to wushi of team509 reported through ZDI (ZDI-CAN-1415).
  • [$1000] [108605] High CVE-2011-3927: Uninitialized value in Skia. Credit to miaubiz.
  • [$1000] [109556] High CVE-2011-3926: Heap-buffer-overflow in tree builder. Credit to Arthur Gerkis.

The use-after-free flaw in the Safe Browsing navigation actually was fixed in a previous version of Chrome, but Google officials forgot to include it in the release notes at that point.

Suggested articles

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.