Author Archives: Cole Brown

Stable Channel Update for ChromeOS/ChromeOS Flex

The Stable channel is being updated to 118.0.5993.86 (Platform version: 15604.45.0) for most ChromeOS devices and will be rolled out over the next few days. This build contains a number of bug fixes and security updates.

If you find new issues, please let us know one of the following ways:

Interested in switching channels? Find out how.

Cole Brown,

Google ChromeOS


Security Fixes and Rewards


ChromeOS Vulnerabiltity Rewards Program Reported Bug Fixes:


[$5000] [1472943] High CVE-NA Use-after-free in Virglrenderer. Reported by rinngo on 2023-08-15

[$7000] [1473956] High CVE-NA Heap buffer overflow in Virglrenderer. Reported by Bugreporterca on 2023-08-15

[$5000] [1472566] High CVE-NA Heap buffer overflow in Virglrenderer. Reported by Bugreporterca on 2023-08-14

[$1000] [1473015] Medium CVE-NA Heap buffer overflow in Virglrenderer. Reported by Bugreporterca on 2023-08-18

[$1000] [1474235] Medium CVE-NA Out-of-Bound Read in Virglrenderer. Reported by zx on 2023-08-20

[$500] [1475224] Low CVE-NA DoS in Virglrenderer. Reported by Bugreporterca on 2023-08-23


We would like to thank the security researchers that report vulnerabilities to us via bughunters.google.com to keep ChromeOS and the entire open source ecosystem secure.


Chrome Browser Security Fixes:

[TBD][1487110] Critical CVE-2023-5218: Use after free in Site Isolation. Reported by @18楼梦想改造家 on 2023-09-27

[$2000][1476952] Medium CVE-2023-5475: Inappropriate implementation in DevTools. Reported by Axel Chong on 2023-08-30

[$1000][1458934] Medium CVE-2023-5481: Inappropriate implementation in Downloads. Reported by Om Apip on 2023-06-28

[$1000][1474253] Medium CVE-2023-5476: Use after free in Blink History. Reported by Yunqin Sun on 2023-08-20

[$500][1471253] Medium CVE-2023-5479: Inappropriate implementation in Extensions API. Reported by Axel Chong on 2023-08-09

[$6000][1395164] Low CVE-2023-5485: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry on 2022-12-02

[$3000][1472404] Low CVE-2023-5478: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry on 2023-08-12

[$1000][1357442] Low CVE-2023-5486: Inappropriate implementation in Input. Reported by Hafiizh on 2022-08-29

[$1000][1484000] Low CVE-2023-5473: Use after free in Cast. Reported by DarkNavy on 2023-09-18


Other 3rd Party Security Fixes Included:

[NA]  [299481133] High Fixes CVE-2023-4921 in Linux Kernel


Android Runtime Container Security Fixes:

[NA]  [NA] Medium Fixes CVE-2023-21143 on impacted platforms

[NA]  [NA] Medium Fixes CVE-2020-29374 on impacted platforms


Users who are pinned to a specific release of ChromeOS will not receive these security fixes or any other security fixes. We recommend updating to the latest version of Stable to ensure you are protected against exploitation of known vulnerabilities. 


To see fixes included in the Long Term Stable channel, see the release notes.

Beta Channel Update for ChromeOS/ChromeOS Flex

 The Beta channel is being updated to OS version: 15604.24.0, Browser version: 118.0.5993.26 for most ChromeOS devices.

If you find new issues, please let us know one of the following ways:

  1. File a bug
  2. Visit our ChromeOS communities
    1. General: Chromebook Help Community
    2. Beta Specific: ChromeOS Beta Help Community
  3. Report an issue or send feedback on Chrome
  4. Interested in switching channels? Find out how.

Cole Brown,

Google ChromeOS

Beta Channel Update for ChromeOS/ChromeOS Flex

The Beta channel is being updated to OS version: 15604.16.0, Browser version: 118.0.5993.18 for most ChromeOS devices.

If you find new issues, please let us know one of the following ways:

  1. File a bug
  2. Visit our ChromeOS communities
    1. General: Chromebook Help Community
    2. Beta Specific: ChromeOS Beta Help Community
  3. Report an issue or send feedback on Chrome
  4. Interested in switching channels? Find out how.

Cole Brown,

Google ChromeOS

Stable Channel Update for ChromeOS/ChromeOS Flex

 The Stable channel is being updated to 114.0.5735.239 (Platform version: 15437.63.0) for most ChromeOS devices and will be rolled out over the next few days. This build contains a number of bug fixes and security updates.

If you find new issues, please let us know one of the following ways:

Interested in switching channels? Find out how.

Cole Brown,

Google ChromeOS

Stable Channel Update for ChromeOS/ChromeOS Flex

 The Stable channel is being updated to 114.0.5735.205 (Platform version: 15437.61.0) for most ChromeOS devices and will be rolled out over the next few days. This build contains a number of bug fixes and security updates.

If you find new issues, please let us know one of the following ways:

Interested in switching channels? Find out how.

Cole Brown,

Google ChromeOS

Stable Channel Update for ChromeOS/ChromeOS Flex

 The Stable channel is being updated to 114.0.5735.205 (Platform version: 15437.61.0) for most ChromeOS devices and will be rolled out over the next few days. This build contains a number of bug fixes and security updates.

If you find new issues, please let us know one of the following ways:

Interested in switching channels? Find out how.

Cole Brown,

Google ChromeOS

Stable Channel Update for ChromeOS/ChromeOS Flex

The Stable channel is being updated to 114.0.5735.143 (Platform version: 15437.57.0) for most ChromeOS devices and will be rolled out over the next few days. This build contains a number of bug fixes and security updates.

If you find new issues, please let us know one of the following ways:

Interested in switching channels? Find out how.

Cole Brown,

Google ChromeOS

Stable Channel Update for ChromeOS/ChromeOS Flex

The Stable channel is being updated to 114.0.5735.119 (Platform version: 15437.42.0) for most ChromeOS devices and will be rolled out over the next few days. This build contains a number of bug fixes and security updates.

If you find new issues, please let us know one of the following ways:

Interested in switching channels? Find out how.

Cole Brown,

Google ChromeOS


Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.


[$TBD] [1434231] Medium CVE-TBD Security:heap-buffer-overflow in rewrite_1d_image_coordinate. Reported by rinngo


[$TBD] [1433506] High CVE-TBD heap-use-after-free in vrend_draw_bind_abo_shader. Reported by rinngo


[$TBD] [1433468] High CVE-TBD Security:stack buffer overflow in  set_stream_out_varyings. Reported by rinngo


[$TBD] [1430089] High CVE-TBD UAF in sampler_state. Reported by rinngo


[$TBD] [1443107] High CVE-TBD Race Condition in amdgpu_ttm_tt_get_user_pages


[$TBD] [1443292] High CVE-TBD Adb wireless debugging bugfix bypass. Reported by Les Amateurs Team


[$TBD] [1394226] Unsigned code execution on enrolled devices via modified RMA shim

Beta Channel Update for ChromeOS/ChromeOS Flex

The Beta channel is being updated to OS version: 15437.311.0, Browser version: 114.0.5735.84 for most ChromeOS devices.

If you find new issues, please let us know one of the following ways:

  1. File a bug
  2. Visit our ChromeOS communities
    1. General: Chromebook Help Community
    2. Beta Specific: ChromeOS Beta Help Community
  3. Report an issue or send feedback on Chrome
  4. Interested in switching channels? Find out how.

Cole Brown,

Google ChromeOS

Stable Channel Update for ChromeOS/ChromeOS Flex

 The Stable channel is being updated to 110.0.5481.181 (Platform version: 15278.72.0) for most ChromeOS devices and will be rolled out over the next few days. This build contains a number of bug fixes and security updates.

If you find new issues, please let us know one of the following ways:

Interested in switching channels? Find out how.

Cole Brown,

Google ChromeOS