Government of the Republic of Trinidad and Tobago                                                                                                                                        


News

TTCSIRT-199.020419: TT-CSIRT Advisory – Chrome Security Updates

4th February 2019

Google has released a security update stating that the following issues have been discovered with Google Chrome all versions of Google Chrome prior to 72.0.3626.81:

a) Heap buffer overflow in SwiftShader – (CVE-2019-5771).

b) Heap buffer overflow in WebGL – (CVE-2019-5770).

c) Inappropriate implementation in QUIC Networking – (CVE-2019-5754).

d) Inappropriate implementation in V8 – (CVE-2019-5755).

e) Incorrect security UI in WebAPKs – (CVE-2019-5767).

f) Insufficient data validation in IndexedDB – (CVE-2019-5773).

g) Insufficient policy enforcement in Blink – (CVE-2018-18350, CVE-2018-18349).

h) Use after free in SwiftShader – (CVE-2019-5761).

i) Use after free in WebRTC – (CVE-2019-5764).

Further information on these vulnerabilities and how they can be mitigated can be found on the Google Website at https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html