ChromeOS Multiple Vulnerabilities
RISK: Extremely High Risk
TYPE: Operating Systems - Others OS
Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, sensitive information disclosure and security restriction bypass on the targeted system.
Notes:
CVE-2024-7971 is being exploited in the wild. The vulnerability is caused by a type confusion weakness in the Chrome V8 JavaScript engine and can lead to remote code execution on targeted device.
CVE-2024-7965 is being exploited in the wild. The vulnerability allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Impact
- Remote Code Execution
- Denial of Service
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Version prior to 128.0.6613.133 (Platform Version: 15964.48.0)
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor. For detail, please refer to the link below:
Vulnerability Identifier
- CVE-2024-7965
- CVE-2024-7966
- CVE-2024-7967
- CVE-2024-7968
- CVE-2024-7971
- CVE-2024-7972
- CVE-2024-7974
- CVE-2024-7975
- CVE-2024-7976
- CVE-2024-7981
沒有留言:
發佈留言