14 Vulnerabilities Fixed in Chrome 23

Various amounts of money were given to the researchers who contributed to addressing them

By on November 7th, 2012 07:41 GMT

Chrome 23 has been released and besides the significant feature improvements, Google has also addressed a number of 14 vulnerabilities to ensure that their customers are protected against potential cyberattacks.

The high-severity security holes fixed in Chrome 23 include a use-after-free in SVG filter handling, an Integer bounds check problem in GPU command buffer, a use-after-free in video layout, a memory corruption in texture handling, a bad write in v8, and an issue with a buggy graphics driver that only affects Macs.

The medium-severity flaws refer to an integer overflow leading to out-of-bounds read in WebP handling, an out-of-bounds array access in v8, a race condition in Pepper buffer handling, a bad cast in input handling, out-of-bounds reads in Skia, a use-after-free in extension tan handling, and a use-after-free in plug-in placeholder handling.

As usual, the researchers who have identified the vulnerabilities have been rewarded. Miaubiz got a total of $3,000 (2,340 EUR), Phil Turnbull got $3,500 (2,700 EUR) and Atte Kettunen was given $2,500 (1,950 EUR).

Google Chrome for Windows is available for download here
Google Chrome for Mac is available for download here 
Google Chrome for Linux is available for download here 

Comments