Google on Wednesday announced a Chrome browser update that resolves five vulnerabilities, including four high-severity memory safety bugs reported by external researchers.
Tracked as CVE-2024-12692, the first of the externally reported issues is a type confusion flaw in the browser’s V8 JavaScript engine, for which Google paid out $55,000 to the researcher who reported it.
While the internet giant has kept bug details restricted, such a bug bounty amount is typically handed out for defects that could lead to remote code execution (RCE).
Type confusion issues are prevalent in programming languages that lack memory safety mechanisms and the successful exploitation of such flaws in Chrome’s V8 engine could allow threat actors to leak sensitive information or potentially compromise a victim’s system.
The second externally reported vulnerability is another memory safety issue in the V8 engine. Tracked as CVE-2024-12693 and described as an out-of-bounds memory access bug, it earned the reporting researcher a $20,000 bug bounty reward.
The browser update also addresses CVE-2024-12694, a high-severity use-after-free issue in Compositing, and CVE-2024-12695, an out-of-bounds write flaw in the V8 engine. Google has not disclosed the bug bounty amounts to be paid for these two vulnerabilities.
The latest Chrome iteration is now rolling out to users as versions 131.0.6778.204/.205 for Windows and macOS, and as version 131.0.6778.204 for Linux. Google makes no mention of any of these flaws being exploited in the wild.
Over the past several years, Google has taken multiple steps toward making it harder for threat actors to exploit memory safety defects in Chrome, while also investing in eliminating such vulnerabilities from its codebase, including through transitioning to Rust, which is considered a memory safe programming language.
The transition to Rust has led to a significant drop in memory safety bugs in Android over the past five years, and similar improvements are expected in Chrome as well, since Google will be transitioning the browser to Rust too.
Related: Google Pays $55,000 for High-Severity Chrome Browser Bug
Related: Five Eyes Agencies Publish Guidance on Eliminating Memory Safety Bugs
Related: Netsec Goggle Customizes Brave Search Results to Show Only Cybersecurity Websites
