Skip to main content

ChromeOS Multiple Vulnerabilities

Release Date: 10 Sep 2024 3933 Views

RISK: Extremely High Risk

TYPE: Operating Systems - Others OS

TYPE: Others OS

Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, sensitive information disclosure and security restriction bypass on the targeted system.

 

Notes:

CVE-2024-7971 is being exploited in the wild. The vulnerability is caused by a type confusion weakness in the Chrome V8 JavaScript engine and can lead to remote code execution on targeted device.

 

CVE-2024-7965 is being exploited in the wild. The vulnerability allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.


Impact

  • Remote Code Execution
  • Denial of Service
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • Version prior to 128.0.6613.133  (Platform Version: 15964.48.0)

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor. For detail, please refer to the link below:


Vulnerability Identifier


Source


Related Link