The Stable channel is being updated to OS version: 16033.43.0 Browser version: 130.0.6723.84 for most ChromeOS devices.
If you find new issues, please let us know one of the following ways
File a bug Visit our ChromeOS communities General: Chromebook Help Community Beta Specific: ChromeOS Beta Help Community Report an issue or send feedback on Chrome Interested in switching channels? Find out how .
Security Fixes and Rewards
ChromeOS Vulnerability Rewards Program Reported Bug Fixes:
N/A
Other 3rd Party Security Fixes Included:
High Fixes CVE-2024-7006 in libtiff
Medium Fixes CVE-2024-47076 CVE-2024-47175 CVE-2024-47176 CVE-2024-47177 in CUPS
Android Security fixes can be found here
Chrome Browser Security Fixes:
[$4000.0] [ 368672129] MEDIUM CVE-2024-9959 : Use after free in DevTools. Reported by Sakana.S on 2024-09-21
[$36000.0] [ 367755363 ] HIGH CVE-2024-9954: Use after free in AI. Reported by DarkNavy on 2024-09-18
[$TBD] [ 367734947 ] HIGH CVE- DCHECK failure in base_.kind() == JAVA_SCRIPT in frames.h on 2024-09-17
[$TBD] [ 366635354 ] HIGH CVE- V8 correctness failure in sources: 1e - Missing TypeError in inlined js-to-wasm wrapper for ref extern on 2024-09-14
[$1000.0] [ 364773822 ] LOW CVE-2024-9966 Inappropriate implementation in Navigations. Reported by Harry Chen on 2024-09-05
[TBD][ 375123371 ] CRITICAL CVE-2024-10487: Out of bounds write in Dawn. Reported by Apple Security Engineering and Architecture (SEAR) on 2024-10-23 [TBD][ 374310077 ] HIGH CVE-2024-10488: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2024-10-18 [TBD][ 371011220 ] HIGH CVE-2024-10229: Inappropriate implementation in Extensions. Reported by Vsevolod Kokorin (Slonser) of Solidlab on 2024-10-02
[TBD][ 371565065 ] HIGH CVE-2024-10230: Type Confusion in V8. Reported by Seunghyun Lee (@0x10n) on 2024-10-05
[TBD][ 372269618 ] HIGH CVE-2024-10231: Type Confusion in V8. Reported by Seunghyun Lee (@0x10n) on 2024-10-09
[$1000.0] [ 364508693 ] MEDIUM CVE-2024-9962 : Inappropriate implementation in Permissions. Reported by Shaheen Fazim on 2024-09-04
[$3000.0] [ 361711121 ] LOW CVE-2024-9964 : Inappropriate implementation in Payments. Reported by Hafiizh on 2024-08-23
[$2000.0] [ 354748063 ] MEDIUM CVE-2024-9960 : Use after free in Dawn. Reported by Anonymous on 2024-07-23
[$TBD] [ 328278718 ] MEDIUM CVE-2024-9963 : Insufficient data validation in Downloads. Reported by st4nly0n on 2024-03-06
[$5000.0] [ 40076120 ] MEDIUM CVE-2024-9958 Inappropriate implementation in PictureInPicture. Reported by Lyra Rebane (rebane2001) on 2023-11-02
Giuliana Pritchard
Google ChromeOS
