Security Advisory

Google Chrome browser (126.0.6478.126/127, 126.0.6478.114/115) security update advisory

  • Jul 11 2024

Overview

Google has released an update to address a vulnerability in the Chrome(https://www.google.com/chrome) browser. Users of affected versions are advised to update to the latest version.

 

Affected Products

 

Cve-2024-6291, cve-2024-6292, cve-2024-6293

  • Chrome prior to version 126.0.6478.126 (Linux)
  • Chrome prior to version 126.0.6478.126/127 (Windows, Mac)

 

Cve-2024-6101, cve-2024-6102

  • Chrome prior to version 126.0.6478.114 (Linux)
  • Prior to Chrome 126.0.6478.114/115 (Windows, Mac)

 

 

Resolved Vulnerabilities

 

Heap corruption via a crafted HTML page could potentially be exploited by remote attackers via a post-use disable in Swiftshader (CVE-2024-6291)

Vulnerability in Dawn’s post-use disabling that could potentially allow remote attackers to exploit heap corruption via crafted HTML pages (CVE-2024-6292, CVE-2024-6293)

Improper implementation in V8 that could allow remote attackers to perform out-of-bounds memory access via crafted HTML pages (CVE-2024-6101)

An out-of-bounds memory access in Dawn could allow remote attackers to potentially exploit a heap corruption via a crafted HTML page (CVE-2024-6102)

 

Vulnerability Patches

The following Vulnerability Patches were made available in the June 24, 2024 update. For more information on Vulnerability Patches, please refer to the “Google Chrome” Referenced Sites document.

 

Cve-2024-6291, cve-2024-6292, cve-2024-6293

  • Chrome 126.0.6478.126 or later (Linux)
  • Chrome 126.0.6478.126/127 or later (Windows, Mac)

 

Vulnerability Patches were made available in the June 18, 2024 update as follows For more information on Vulnerability Patches, please refer to the “Google Chrome” Referenced Sites documentation.

 

Cve-2024-6101, cve-2024-6102

  • Chrome 126.0.6478.114 or later (Linux)
  • Chrome 126.0.6478.114/115 or later (Windows, Mac)

 

Referenced Sites

[1] Stable Channel Update for Desktop 1

https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_24.html

[2] Chrome Update

https://support.google.com/chrome/answer/95414?co=GENIE.Platform%3DDesktop

[3] Stable Channel Update for Desktop 2

https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html

Tags:

Previous Post

Next Post