This update includes 19 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
[$16000][1492698] High CVE-2023-5480: Inappropriate implementation in Payments. Reported by Vsevolod Kokorin (Slonser) of Solidlab on 2023-10-14
[$11000][1492381] High CVE-2023-5482: Insufficient data validation in USB. Reported by DarkNavy on 2023-10-13
[$TBD][1492384] High CVE-2023-5849: Integer overflow in USB. Reported by DarkNavy on 2023-10-13
[$7000][40073339] High CVE-2024-3174: Inappropriate implementation in V8. Reported by Alan Goodman on 2023-09-25
[$3000][1281972] Medium CVE-2023-5850: Incorrect security UI in Downloads. Reported by Mohit Raj (shadow2639) on 2021-12-22
[$5000][40066780] Medium CVE-2023-7011: Inappropriate implementation in Picture in Picture. Reported by Axel Chong on 2023-07-03
[$3000][1473957] Medium CVE-2023-5851: Inappropriate implementation in Downloads. Reported by Shaheen Fazim on 2023-08-18
[$2000][1480852] Medium CVE-2023-5852: Use after free in Printing. Reported by [pwn2car] on 2023-09-10
[$1000][1456876] Medium CVE-2023-5853: Incorrect security UI in Downloads. Reported by Hafiizh on 2023-06-22
[$1000][40071326] Medium CVE-2023-7013: Inappropriate implementation in Compositing. Reported by Suhwan Song on 2023-09-05
[$1000][1488267] Medium CVE-2023-5854: Use after free in Profiles. Reported by Minchin Park of SSD-Disclosure Labs on 2023-10-01
[$TBD][1492396] Medium CVE-2023-5855: Use after free in Reading Mode. Reported by ChaobinZhang on 2023-10-13
[$TBD][1493380] Medium CVE-2023-5856: Use after free in Side Panel. Reported by Weipeng Jiang (@Krace) of VRI on 2023-10-17
[N/A][1493435] Medium CVE-2023-5857: Inappropriate implementation in Downloads. Reported by Will Dormann on 2023-10-18
[$3000][1457704] Low CVE-2023-5858: Inappropriate implementation in WebApp Provider. Reported by Axel Chong on 2023-06-24
[$500][1482045] Low CVE-2023-5859: Incorrect security UI in Picture In Picture. Reported by Junsung Lee on 2023-09-13
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. As usual, our ongoing internal security work was responsible for a wide range of fixes:
[1497743] Various fixes from internal audits, fuzzing and other initiatives
Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
Android releases contain the same security fixes as their corresponding Desktop release (Windows: 118.0.5993.117/.118; Mac & Linux: 118.0.5993.117), unless otherwise noted.
Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
ChromeOS Vulnerabiltity Rewards Program Reported Bug Fixes:
[$5000] [1472943] High CVE-NA Use-after-free in Virglrenderer. Reported by rinngo on 2023-08-15
[$7000] [1473956] High CVE-NA Heap buffer overflow in Virglrenderer. Reported by Bugreporterca on 2023-08-15
[$5000] [1472566] High CVE-NA Heap buffer overflow in Virglrenderer. Reported by Bugreporterca on 2023-08-14
[$1000] [1473015] Medium CVE-NA Heap buffer overflow in Virglrenderer. Reported by Bugreporterca on 2023-08-18
[$1000] [1474235] Medium CVE-NA Out-of-Bound Read in Virglrenderer. Reported by zx on 2023-08-20
[$500] [1475224] Low CVE-NA DoS in Virglrenderer. Reported by Bugreporterca on 2023-08-23
We would like to thank the security researchers that report vulnerabilities to us via bughunters.google.com to keep ChromeOS and the entire open source ecosystem secure.
Chrome Browser Security Fixes:
[TBD][1487110] Critical CVE-2023-5218: Use after free in Site Isolation. Reported by @18楼梦想改造家 on 2023-09-27
[$2000][1476952] Medium CVE-2023-5475: Inappropriate implementation in DevTools. Reported by Axel Chong on 2023-08-30
[$1000][1458934] Medium CVE-2023-5481: Inappropriate implementation in Downloads. Reported by Om Apip on 2023-06-28
[$1000][1474253] Medium CVE-2023-5476: Use after free in Blink History. Reported by Yunqin Sun on 2023-08-20
[$500][1471253] Medium CVE-2023-5479: Inappropriate implementation in Extensions API. Reported by Axel Chong on 2023-08-09
[$6000][1395164] Low CVE-2023-5485: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry on 2022-12-02
[$2000][1472404] Low CVE-2023-5478: Inappropriate implementation in Autofill. Reported by Shaheen Fazim on 2023-06-15
[$1000][1357442] Low CVE-2023-5486: Inappropriate implementation in Input. Reported by Hafiizh on 2022-08-29
[$1000][1484000] Low CVE-2023-5473: Use after free in Cast. Reported by DarkNavy on 2023-09-18
Other 3rd Party Security Fixes Included:
[NA] [299481133] High Fixes CVE-2023-4921 in Linux Kernel
[NA] [NA] High CVE-2023-23583
Android Runtime Container Security Fixes:
[NA] [NA] Medium Fixes CVE-2023-21143 on impacted platforms
[NA] [NA] Medium Fixes CVE-2020-29374 on impacted platforms
Users who are pinned to a specific release of ChromeOS will not receive these security fixes or any other security fixes. We recommend updating to the latest version of Stable to ensure you are protected against exploitation of known vulnerabilities.
To see fixes included in the Long Term Stable channel, see the release notes.
