Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Chinese Researchers Earn Another $20,000 for Chrome Sandbox Escape

Researchers from Chinese cybersecurity company Qihoo 360 have earned another $20,000 from Google for a sandbox escape vulnerability affecting the Chrome web browser.

Researchers from Chinese cybersecurity company Qihoo 360 have earned another $20,000 from Google for a sandbox escape vulnerability affecting the Chrome web browser.

Google informed Chrome users on Tuesday that an update for version 89 includes eight security fixes, including for six vulnerabilities reported by external researchers.

The highest reward, $20,000, was awarded to researchers Leecraso and Guang Gong of the 360 Alpha Lab at Qihoo 360. The issue was described by Google as a use-after-free in screen capture.

Leecraso told SecurityWeek that the vulnerability, tracked as CVE-2021-21194, can be exploited to escape the Chrome sandbox. If exploited in combination with a renderer bug, it can allow an attacker to remotely execute arbitrary code outside the Chrome sandbox on the targeted user’s device.

This is not the first time Leecraso and Guang Gong have found such a vulnerability in Chrome. In fact, over the past year, 360 Alpha Lab researchers Rong Jian, Leecraso and Guang Gong have received more than $150,000 for security holes discovered in Chrome, and there still appear to be several critical and high-severity vulnerabilities for which Google has yet to determine the bug bounty.

These researchers have been named in at least 17 Chrome advisories over the past year.

The latest Chrome update also patches several other high-severity vulnerabilities, including a use-after-free in the V8 JavaScript engine, two heap buffer overflows in TabStrip, an out-of-bounds read bug affecting IPC, and a use-after-free in Aura.

Google reported last month that it paid out a total of $6.7 million in bug bounties in 2020, and roughly $28 million since its first bug bounty program was launched ten years ago.

Related: Google Awards $40,000 for Chrome Sandbox Escape Vulnerabilities

Related: Chrome Update Patches Actively Exploited FreeType Vulnerability

Related: Chrome 89 Patches Actively Exploited Vulnerability

Related: Microsoft Patches Windows Vulnerability Chained in Attacks With Chrome Bug

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Vulnerabilities

A high-severity format string vulnerability in F5 BIG-IP can be exploited to cause a DoS condition and potentially execute arbitrary code.