VRP Reported Security Fixes:
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
[$TBD] [1464456] Medium CVE-2023-4369 XSS on ChromeOS, abusable by extensions. Reported by Derin Eryilmaz.
[$TBD] [1443214] Low CVE-TBD Extension abuse in ChromeOS. Reported by Allen Ding
3rd Party Reported Security Fixes:
[NA] [NA] High Fixes CVE-2023-20593 on impacted AMD platforms
[NA] [NA] High Fixes CVE-2023-4211 on impacted Arm platforms
[NA] [NA] High Fixes CVE-2023-4128 in Linux Kernel
[NA] [NA] High Fixes CVE-2023-4147 in Linux Kernel
[NA] [NA] High Fixes CVE-2023-3390 in Linux Kernel
[NA] [NA] High Fixes CVE-2023-32804 in Arm Mali Driver Development Kit
Chrome Browser Security Fixes:
[$30000][1448548] High CVE-2023-2312: Use after free in Offline. Reported by avaue at S.S.L. on 2023-05-24
[$5000][1458303] High CVE-2023-4349: Use after free in Device Trust Connectors. Reported by Weipeng Jiang (@Krace) of VRI on 2023-06-27
[$3000][1454817] High CVE-2023-4350: Inappropriate implementation in Fullscreen. Reported by Khiem Tran (@duckhiem) on 2023-06-14
[$2000][1465833] High CVE-2023-4351: Use after free in Network. Reported by Guang and Weipeng Jiang of VRI on 2023-07-18
[$NA][1452076] High CVE-2023-4352: Type Confusion in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-06-07
[$NA][1458046] High CVE-2023-4353: Heap buffer overflow in ANGLE. Reported by Christoph Diehl / Microsoft Vulnerability Research on 2023-06-27
[$NA][1464215] High CVE-2023-4354: Heap buffer overflow in Skia. Reported by Mark Brand of Google Project Zero on 2023-07-12
[$NA][1468943] High CVE-2023-4355: Out of bounds memory access in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-07-31
[$5000][1449929] Medium CVE-2023-4356: Use after free in Audio. Reported by Zhenghang Xiao (@Kipreyyy) on 2023-05-30
[$3000][1458911] Medium CVE-2023-4357: Insufficient validation of untrusted input in XML. Reported by Igor Sak-Sakovskii on 2023-06-28
[$3000][1466415] Medium CVE-2023-4358: Use after free in DNS. Reported by Weipeng Jiang (@Krace) of VRI on 2023-07-20
[$2000][1443722] Medium CVE-2023-4359: Inappropriate implementation in App Launcher. Reported by @retsew0x01 on 2023-05-09
[$2000][1462723] Medium CVE-2023-4360: Inappropriate implementation in Color. Reported by Axel Chong on 2023-07-07
[$2000][1465230] Medium CVE-2023-4361: Inappropriate implementation in Autofill. Reported by Thomas Orlita on 2023-07-17
[$1000][1316379] Medium CVE-2023-4362: Heap buffer overflow in Mojom IDL. Reported by Zhao Hai of NanJing Cyberpeace TianYu Lab on 2022-04-14
[$1000][1367085] Medium CVE-2023-4363: Inappropriate implementation in WebShare. Reported by Alesandro Ortiz on 2022-09-23
[$1000][1406922] Medium CVE-2023-4364: Inappropriate implementation in Permission Prompts. Reported by Jasper Rebane on 2023-01-13
[$1000][1431043] Medium CVE-2023-4365: Inappropriate implementation in Fullscreen. Reported by Hafiizh on 2023-04-06
[$1000][1450784] Medium CVE-2023-4366: Use after free in Extensions. Reported by asnine on 2023-06-02
[$500][1467743] Medium CVE-2023-4367: Insufficient policy enforcement in Extensions API. Reported by Axel Chong on 2023-07-26
[$500][1467751] Medium CVE-2023-4368: Insufficient policy enforcement in Extensions API. Reported by Axel Chong on 2023-07-26
Android Runtime Container Security Fixes:
[NA] [NA] High Fixes CVE-2023-21264 on impacted platforms
[NA] [NA] High Fixes CVE-2020-29374 on impacted platforms
We would like to thank the security researchers that report vulnerabilities to us via bughunters.google.com to keep ChromeOS and the entire open source ecosystem secure.