Google has paid out a total of $40,000 for a couple of vulnerabilities that can be exploited to escape Chrome’s sandbox.
Google last week announced the release of an update for Chrome 77. Chrome 77.0.3865.90 should address a total of four vulnerabilities: a critical use-after-free bug in the UI, reported by Khalil Zhani; two high-severity use-after-free bugs in the media component; and a high-severity use-after-free in offline pages, reported by Brendon Tiszka.
While Google has yet to determine how much it will award Zhani and Tiszka for their findings, the tech giant has decided to pay out $20,000 for each of the media vulnerabilities.
The flaws, tracked as CVE-2019-13688 and CVE-2019-13687, were reported to Google by Man Yue Mo of the Semmle Security Research Team.
Fermín Serna, the CSO of Semmle, told SecurityWeek that the vulnerabilities are not very useful to attackers on their own, but can be highly valuable if combined with another type of weakness.
“The two vulnerabilities require an already compromised renderer and allow breaking out of Chrome’s sandbox. This means that another vulnerability is needed first for a chain to browse a website and get unsandboxed code execution. It is still very valuable to be able to bypass Chrome’s mitigations,” he explained via email.
Serna says his company has asked Google to donate the $40,000 reward. Google states in the rules of its Chrome Vulnerability Reward Program that it’s prepared to double donations if researchers want to donate their reward to a registered charity.
Semmle recently also earned a $10,000 bounty from Facebook for a critical DoS vulnerability in the social media giant’s Fizz TLS library. That bounty was also donated to charity and the amount was doubled by Facebook.
The company was also credited last year for finding a critical remote code execution vulnerability in the Apache Struts 2 open source development framework.
Semmle announced its global launch in August 2018, after raising $21 million in a Series B funding round. The company offers technologies designed to help organizations find coding errors that can introduce critical vulnerabilities. It was recently acquired by Microsoft-owned GitHub for these technologies.

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
