SB2018120506 - Multiple vulnerabilities in Google Chrome

Security Bulletin ID SB2018120506

Severity

High

Patch available

YES

Number of vulnerabilities 35

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 35 secuirty vulnerabilities.

1) Out-of-bounds write (CVE-ID: CVE-2018-17480)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to out-of-bounds write in V8 when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

2) Use-after-free error (CVE-ID: CVE-2018-17481)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in PDFium when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

3) Out-of-bounds write (CVE-ID: CVE-2018-18342)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to out-of-bounds write in V8 when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

4) Use-after-free error (CVE-ID: CVE-2018-18336)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in PDFium when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

5) Heap-based buffer overflow (CVE-ID: CVE-2018-18335)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow in Skia when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

6) Heap-based buffer overflow (CVE-ID: CVE-2018-18338)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow in Canvas when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

7) Heap-based buffer overflow (CVE-ID: CVE-2018-18341)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow in Blink when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

8) Use-after-free error (CVE-ID: CVE-2018-18337)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in Blink when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

9) Use-after-free error (CVE-ID: CVE-2018-18339)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in WebAudio when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

10) Use-after-free error (CVE-ID: CVE-2018-18340)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in MediaRecorder when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

11) Use-after-free error (CVE-ID: CVE-2018-18343)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in Skia when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

12) Improper input validation (CVE-ID: CVE-2018-18344)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to inappropriate implementation in Extensions when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

13) Improper input validation (CVE-ID: N/A)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to errors in SQLite via WebSQL when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

14) Use-after-free error (CVE-ID: CVE-2018-18356)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to use-after-free error in Skia when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the browser to crash.

15) Improper input validation (CVE-ID: CVE-2018-18345)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to inappropriate implementation in Site when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and cause the browser to crash.

16) Improper input validation (CVE-ID: CVE-2018-18347)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to inappropriate implementation in Navigation when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and cause the browser to crash.

17) Improper input validation (CVE-ID: CVE-2018-18348)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to inappropriate implementation in Omnibox when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and cause the browser to crash.

18) Improper input validation (CVE-ID: CVE-2018-18352)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to inappropriate implementation in Media when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and cause the browser to crash.

19) Improper input validation (CVE-ID: CVE-2018-18353)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to inappropriate implementation in Network when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and cause the browser to crash.

20) Improper input validation (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to inappropriate implementation in PDFium when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and cause the browser to crash.

21) Improper input validation (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to inappropriate implementation in Navigation when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and cause the browser to crash.

22) Improper input validation (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to inappropriate implementation in Navigation when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and cause the browser to crash.

23) Improper input validation (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to inappropriate implementation in Navigation when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and cause the browser to crash.

24) Security restrictions bypass (CVE-ID: CVE-2018-18346)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to incorrect security UI in Blink when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass security restrictions to conduct further attacks.

25) Security restrictions bypass (CVE-ID: CVE-2018-18349)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to insufficient policy enforcement in Blink when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass security restrictions to conduct further attacks.

26) Security restrictions bypass (CVE-ID: CVE-2018-18350)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to insufficient policy enforcement in Blink when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass security restrictions to conduct further attacks.

27) Security restrictions bypass (CVE-ID: CVE-2018-18351)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to insufficient policy enforcement in Navigation when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass security restrictions to conduct further attacks.

28) Security restrictions bypass (CVE-ID: CVE-2018-18355)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to insufficient policy enforcement in URL Formatter when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass security restrictions to conduct further attacks.

29) Security restrictions bypass (CVE-ID: CVE-2018-18357)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to insufficient policy enforcement in URL Formatter when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass security restrictions to conduct further attacks.

30) Security restrictions bypass (CVE-ID: CVE-2018-18358)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to insufficient policy enforcement in Proxy when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass security restrictions to conduct further attacks.

31) Improper input validation (CVE-ID: CVE-2018-18354)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to insufficient data validation in Shell. A remote attacker can trick the victim into visiting a specially crafted website and cause the browser to crash.

32) Out-of-bounds read (CVE-ID: CVE-2018-18359)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to out-of-bounds read in V8. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the browser to crash.

33) Use-after-free error (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to use-after-free error in Extensions when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the browser to crash.

34) Security restrictions bypass (CVE-ID: N/A)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to insufficient policy enforcement in URL Formatter when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass security restrictions to conduct further attacks.

35) Security restrictions bypass (CVE-ID: N/A)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to insufficient policy enforcement in Payments when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and bypass security restrictions to conduct further attacks.

Remediation

Install update from vendor's website.

References

https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html

SB2018120506 - Multiple vulnerabilities in Google Chrome

Breakdown by Severity

Description

Remediation

References

Please verify you're human