Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT Security Bulletin ASB-2014.0099 A number of vulnerabilities have been identified in Google Chrome 27 August 2014 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Google Chrome Operating System: Windows OS X Linux variants Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote with User Interaction Provide Misleading Information -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2014-3177 CVE-2014-3176 CVE-2014-3175 CVE-2014-3174 CVE-2014-3173 CVE-2014-3172 CVE-2014-3171 CVE-2014-3170 CVE-2014-3169 CVE-2014-3168 Member content until: Friday, September 26 2014 OVERVIEW A number of vulnerabilities have been identified in Google Chrome prior to version 37.0.2062.94. [1] IMPACT The vendor has provided the following details regarding these vulnerabilities: "Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed. This update includes 50 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information. [$30000][386988] Critical CVE-2014-3176, CVE-2014-3177: A special reward to lokihardt@asrt for a combination of bugs in V8, IPC, sync, and extensions that can lead to remote code execution outside of the sandbox. [$2000][369860] High CVE-2014-3168: Use-after-free in SVG. Credit to cloudfuzzer. [$2000][387389] High CVE-2014-3169: Use-after-free in DOM. Credit to Andrzej Dyjak. [$1000][390624] High CVE-2014-3170: Extension permission dialog spoofing. Credit to Rob Wu. [$4000][390928] High CVE-2014-3171: Use-after-free in bindings. Credit to cloudfuzzer. [$1500][367567] Medium CVE-2014-3172: Issue related to extension debugging. Credit to Eli Grey. [$2000][376951] Medium CVE-2014-3173: Uninitialized memory read in WebGL. Credit to jmuizelaar. [$500][389219] Medium CVE-2014-3174: Uninitialized memory read in Web Audio. Credit to Atte Kettunen from OUSPG. We would also like to thank Collin Payne, Christoph Diehl, Sebastian Mauer, Atte Kettunen, and cloudfuzzer for working with us during the development cycle to prevent security bugs from ever reaching the stable channel. $8000 in additional rewards were issued. As usual, our ongoing internal security work responsible for a wide range of fixes: [406143] CVE-2014-3175: Various fixes from internal audits, fuzzing and other initiatives (Chrome 37)." [1] MITIGATION The vendor recommends updating to the latest version of Google Chrome to correct these issues. [1] REFERENCES [1] Stable Channel Update http://googlechromereleases.blogspot.com.au/2014/08/stable-channel-update_26.html AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBU/1nfhLndAQH1ShLAQK0xg//YZ/xP0i7SYlpgWx4jCxAkWmd3ZcIGhdy RRa9dUY2N//wi2O9m804Wu5w8HndDMSyhrm5EYYEtT7+oLPrCUv/7Cx+sUnB5GFR hK4jk2Kwc1cBVQNy/WyX715GSckyV1tIQCOXK53q3SMTdx0mxo657lLkCdMzy8r/ dyzhBIOTu9Fi6VJmXZnyYwR5jxfBFGHMhzl1e9pnCmMi9WinIAH4CNzWNW1qcum+ 3yII8V+JjRRkuVkgGMIlxQ67PXYQe3v785S4+OJEUBK0FvAgcQqtCQB/P6EKBwWw hOCB9rqkil83Gj+8KVRg6xFnJ9O2AAbDb9pr+KDgpfxQceV0hWEFJb9V3fS0E+aM qXyNv6whEIv2YUatEKnLxd9IMXIrYHPOTIcf0Y5I3hlVKNvKF3X2ugdY1JcpzoWU JxpuGEnV1bGNekzQPbgIulxsFE2iNR6TiHOO/5k476n5VMYqMoBRTqJOOM3He7BZ ri2/6jRjXeQ/wdQD4US/hsMtRmmoOrokz9Q5h9wGVZt1bS0/ejuIQtLgFjMjfL2S g1FKtLKWdRGqWSg1bMXGoanQ710vYAcdXhRG0m0ihtYaa8C3PjfbqvA6YJumz7L+ s8T2gyAWNQEttn6bbn7gkzkBLUm3vXkap+rAGOCiyGUoWyMj7HEvhJsHSuiPSIWE Y9H24SFsY78= =+S86 -----END PGP SIGNATURE-----