8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.5 High
AI Score
Confidence
High
0.007 Low
EPSS
Percentile
80.3%
Hello All,
The Stable channel is being updated to 120.0.6099.203 (Platform version: 15662.64.0) for most ChromeOS devices and will be rolled out over the next few days.
If you find new issues, please let us know one of the following ways:
Interested in switching channels? Find out how.
See the latest release notes.
Security Fixes and Rewards:
ChromeOS Vulnerabiltity Rewards Program Reported Bug Fixes:
[$TBD] [1466464] High CVE-TBD Out-of-bounds write in PowerVR GPU Driver. Reported by lm0963hack on 2023-07-20
[$TBD] [1477097] High CVE-TBD Out-of-bounds write in PowerVR GPU Driver. Reported by lovepink on 2023-08-30
Chrome Browser Security Fixes:
[$NA][1513170] High CVE-2023-7024: Heap buffer overflow in WebRTC. Reported by ClΓ©ment Lecigne and Vlad Stolyarov of Googleβs Threat Analysis Group on 2023-12-19
[$10000][1497984] High CVE-2023-6508: Use after free in Media Stream. Reported by Cassidy Kim(@cassidy6564) on 2023-10-31
[$1000][1494565] High CVE-2023-6509: Use after free in Side Panel Search. Reported by Khalil Zhani on 2023-10-21
[$2000][1478613] Low CVE-2023-6511: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry on 2023-09-04
Other 3rd Party Security Fixes Included:
[NA] Medium Fixes CVE-2023-39191 in Linux Kernel
Please Note:_ Users who are pinned to a specific release of ChromeOS will not receive these security fixes or any other security fixes. We recommend updating to the latest version of Stable to ensure you are protected against exploitation of known vulnerabilities. _
To see fixes included in the Long Term Stable channel, see the Long Term Stable release notes.
- Google ChromeOS
CPE | Name | Operator | Version |
---|---|---|---|
chrome os | lt | 120.0.6099.203 |
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.5 High
AI Score
Confidence
High
0.007 Low
EPSS
Percentile
80.3%