KLA12264 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service.

Below is a complete list of vulnerabilities:

1. Use after free vulnerability in Extensions API can be exploited to cause denial of service or execute arbitrary code.
2. Race condition vulnerability in WebAudio can be exploited to cause denial of service.
3. Type confusion vulnerability in V8 can be exploited to cause denial of service.
4. Use after free vulnerability in ANGLE can be exploited to cause denial of service or execute arbitrary code.
5. Use after free vulnerability in Printing can be exploited to cause denial of service or execute arbitrary code.
6. Use after free vulnerability in WebRTC can be exploited to cause denial of service or execute arbitrary code.

Original advisories

Stable Channel Update for Desktop

Related products

Google-Chrome

CVE list

CVE-2021-30601 unknown

CVE-2021-30603 unknown

CVE-2021-30598 unknown

CVE-2021-30604 unknown

CVE-2021-30600 unknown

CVE-2021-30602 unknown

CVE-2021-30599 unknown

Solution

Update to the latest version

Download Google Chrome

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

• Google Chrome earlier than 92.0.4515.159