Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT Security Bulletin ASB-2015.0011 Stable Google Chrome update addresses multiple vulnerabilities 22 January 2015 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Google Chrome Operating System: Windows OS X Linux variants Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote with User Interaction Access Confidential Data -- Remote with User Interaction Unauthorised Access -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2015-1205 CVE-2014-7948 CVE-2014-7947 CVE-2014-7946 CVE-2014-7945 CVE-2014-7944 CVE-2014-7943 CVE-2014-7942 CVE-2014-7941 CVE-2014-7940 CVE-2014-7939 CVE-2014-7938 CVE-2014-7937 CVE-2014-7936 CVE-2014-7935 CVE-2014-7934 CVE-2014-7933 CVE-2014-7932 CVE-2014-7931 CVE-2014-7930 CVE-2014-7929 CVE-2014-7928 CVE-2014-7927 CVE-2014-7926 CVE-2014-7925 CVE-2014-7924 CVE-2014-7923 Member content until: Saturday, February 21 2015 OVERVIEW Google has released Chrome 40.0.2214.91 which includes 62 security fixes. [1] IMPACT Google has provided the following limited details regarding the vulnerabilities: "[$5000][430353] High CVE-2014-7923: Memory corruption in ICU. Credit to yangdingning. [$4500][435880] High CVE-2014-7924: Use-after-free in IndexedDB. Credit to Collin Payne. [$4000][434136] High CVE-2014-7925: Use-after-free in WebAudio. Credit to mark.buer. [$4000][422824] High CVE-2014-7926: Memory corruption in ICU. Credit to yangdingning. [$3500][444695] High CVE-2014-7927: Memory corruption in V8. Credit to Christian Holler. [$3500][435073] High CVE-2014-7928: Memory corruption in V8. Credit to Christian Holler. [$3000][442806] High CVE-2014-7930: Use-after-free in DOM. Credit to cloudfuzzer. [$3000][442710] High CVE-2014-7931: Memory corruption in V8. Credit to cloudfuzzer. [$2000][443115] High CVE-2014-7929: Use-after-free in DOM. Credit to cloudfuzzer. [$2000][429666] High CVE-2014-7932: Use-after-free in DOM. Credit to Atte Kettunen of OUSPG. [$2000][427266] High CVE-2014-7933: Use-after-free in FFmpeg. Credit to aohelin. [$2000][427249] High CVE-2014-7934: Use-after-free in DOM. Credit to cloudfuzzer. [$2000][402957] High CVE-2014-7935: Use-after-free in Speech. Credit to Khalil Zhani. [$1500][428561] High CVE-2014-7936: Use-after-free in Views. Credit to Christoph Diehl. [$1500][419060] High CVE-2014-7937: Use-after-free in FFmpeg. Credit to Atte Kettunen of OUSPG. [$1000][416323] High CVE-2014-7938: Memory corruption in Fonts. Credit to Atte Kettunen of OUSPG. [$1000][399951] High CVE-2014-7939: Same-origin-bypass in V8. Credit to Takeshi Terada. [$1000][433866] Medium CVE-2014-7940: Uninitialized-value in ICU. Credit to miaubiz. [$1000][428557] Medium CVE-2014-7941: Out-of-bounds read in UI. Credit to Atte Kettunen of OUSPG and Christoph Diehl. [$1000][426762] Medium CVE-2014-7942: Uninitialized-value in Fonts. Credit to miaubiz. [$1000][422492] Medium CVE-2014-7943: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG. [$1000][418881] Medium CVE-2014-7944: Out-of-bounds read in PDFium. Credit to cloudfuzzer. [$1000][414310] Medium CVE-2014-7945: Out-of-bounds read in PDFium. Credit to cloudfuzzer. [$1000][414109] Medium CVE-2014-7946: Out-of-bounds read in Fonts. Credit to miaubiz. [$500][430566] Medium CVE-2014-7947: Out-of-bounds read in PDFium. Credit to fuzztercluck. [$500][414026] Medium CVE-2014-7948: Caching error in AppCache. Credit to jiayaoqijia. We would also like to thank Atte Kettunen of OUSPG, Christian Holler, cloudfuzzer and Khalil Zhani for working with us during the development cycle to prevent security bugs from ever reaching the stable channel. $35000 in additional rewards were issued. As usual, our ongoing internal security work was responsible for a wide range of fixes [449894] CVE-2015-1205: Various fixes from internal audits, fuzzing and other initiatives. Multiple vulnerabilities in V8 fixed at the tip of the 3.30 branch (currently 3.30.33.15)". [1] MITIGATION The vendor recommends updating to the latest version of Google Chrome to correct these issues. [1] REFERENCES [1] Stable Channel Update http://googlechromereleases.blogspot.com.au/2015/01/stable-update.html AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBVMCRahLndAQH1ShLAQLy6w//ZH9S+ccw2uTNScILbDsrl4oCNewUlY5w yZDKvsnlJ5TpRi7urakDo1IITjsoYMinmHqTfSjPx73s9f2n+mN1+4c9SWYSmEsJ RL4tUkIBhAKg4z/BaTh1wZGka04I1EODYXOshTUw3DjM718eKMHxA6ivf0WJTbX0 2t1JmdC9deBcwI7OFc45oUkrqyKEGxxz3QkYUGjUK+Dt6J4mZCWhoJ6ZZ3GDlXlX XO9qTW3qpQGuoosBFyZiDBuPANGzka+lRbOIKKnkZpxtAQ7KXUbXToiriI9LHdle NUSZlkeG+N8SdmthxHtQdhIhwgDj7dwRzEG5haL3wdYRgYcTJyRxT8JwQzdgKGYZ kRvGQqC6nHbgTBBl1oIg1zPCtzD732Qgb0W9/1jnYviyRP92rtuQv7rxEqE5qauK /wgLipRvSVnY7n8H4/eR8MHrW/JL3vBAIT2bS3JaUNr8XQeP4UsOP2oVr8NTL/JD dx1+MRFLPlrjwVvDvCRFXGGpEu89f3H1ZIIm/iQ47rOIL6qHTRe9z15wE4DD2+1G Adck7ODU5b4fCF6Zg5adgpY/86uQGVSC4jQGs+3ZdR89f7J1SfYSodXUY6BUnqpP JPAJxs9UoEv7g9ynvhfBxCw2oowv/fEOozEN1EzhQZeCOESAUfmea33USRjU+hhG SoMyXiCMcm4= =FpDs -----END PGP SIGNATURE-----