Google Chrome gets security overhaul, patches 13 bugs

Software giant updates Google Chrome stable channel to v19.0.1084.52 in a security-only update.

Google Inc. patched its Chrome browser yesterday in a stable channel update, closing a total of thirteen security holes and bringing the browser version up to 19.0.1084.52 on all supported platforms (Windows, Linux and Mac OS X). In all, the update fixes two vulnerabilities rated critical on the Common Vulnerability Scoring System (CVSS), nine rated high and two rated medium.

Of the two critical bugs, the first involves browser memory corruption with WebSockets over SSL. The second is a use-after-free bug in Chrome’s browser cache. A majority of the bug fixes involve Chrome’s memory handling. In addition to the two critical-rated bugs, many of the high-rated vulnerabilities are also caused by out-of-bounds reads, use-after-free errors, buffer overflows and memory corruption.

The high-rated vulnerabilities include:

  1. CVE-2011-3103: Chrome crashes in V8 garbage collection
  2. CVE-2011-3105: Use-after-free in first-letter handling
  3. CVE-2011-3107: Chrome crashes in the plug-in JavaScript bindings
  4. CVE-2011-3109: Bad cast in GTK UI
  5. CVE-2011-3110: Out-of-bounds writes in PDF
  6. CVE-2011-3112: Use-after-free with invalid encrypted PDF
  7. CVE-2011-3113: Invalid cast with colorspace handling in PDF
  8. CVE-2011-3114: Buffer overflows with PDF functions
  9. CVE-2011-3115: Type corruption in V8

The medium-rated bugs include CVE-2011-3104, an out-of-bounds read in Skia, and CVE-2011-3111, an invalid read in V8, according to Google.

According to the Google Chrome Releases blog, many of the bugs were pinpointed using Google’s AddressSanitizer tool. Google paid out close to USD 5000 in bug bounties as part of this update.

The details of the referenced bugs have been withheld to prevent exploits in the wild before users get a chance to patch their browsers. A full list of changes is available on the SVN revision blog. More details can be found on the Chromium security page. Updates are available through the Chrome auto-updater, or as a full download from the Chrome homepage.
