===========================================================================
ZMCIRT Vulnerability Bulletin
ZMC-2021.09.22.1400
Google Chrome: Multiple vulnerabilities
22nd Sep 2021
===========================================================================
Product: Google Chrome
Publisher: Google
Operating System: Windows
UNIX variants (UNIX, Linux, OSX)
Impact/Access: Access Confidential Data -- Unknown/Unspecified
Reduced Security -- Unknown/Unspecified
Resolution: Patch/Upgrade
CVE Names: CVE-2021-37972 CVE-2021-37971 CVE-2021-37969
CVE-2021-37968 CVE-2021-37966 CVE-2021-37965
CVE-2021-37964 CVE-2021-37963 CVE-2021-37962
CVE-2021-37961 CVE-2021-37960 CVE-2021-37959
CVE-2021-37958 CVE-2021-37957 CVE-2021-37956
Original Bulletin:
https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_21.html
Chrome Releases
Release updates from the Chrome team
Stable Channel Update for Desktop
Tuesday, September 21, 2021
The Chrome team is delighted to announce the promotion of Chrome 94 to the
stable channel for Windows, Mac and Linux.Chrome 94 is also promoted to our new
extended stable channel for Windows and Mac. This will roll out over the coming
days/weeks.
Chrome 94.0.4606.54 contains a number of fixes and improvements -- a list of
changes is available in the log. Watch out for upcoming Chrome and Chromium
blog posts about new features and big efforts delivered in 94.
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority
of users are updated with a fix. We will also retain restrictions if the bug
exists in a third party library that other projects similarly depend on, but
haven't yet fixed.
This update includes 19 security fixes. Below, we highlight fixes that were
contributed by external researchers. Please see the Chrome Security Page for
more information.
[$15000][1243117] High CVE-2021-37956: Use after free in Offline use. Reported
by Huyna at Viettel Cyber Security on 2021-08-24
[$7500][1242269] High CVE-2021-37957 : Use after free in WebGPU. Reported by
Looben Yang on 2021-08-23
[$3000][1223290] High CVE-2021-37958 : Inappropriate implementation in
Navigation. Reported by James Lee (@Windowsrcer) on 2021-06-24
[$1000][1229625] High CVE-2021-37959 : Use after free in Task Manager. Reported
by raven (@raid_akame) on 2021-07-15
[$TBD][1247196] High CVE-2021-37960 : Inappropriate implementation in Blink
graphics. Reported by Atte Kettunen of OUSPG on 2021-09-07
[$10000][1228557] Medium CVE-2021-37961 : Use after free in Tab Strip. Reported
by Khalil Zhani on 2021-07-13
[$10000][1231933] Medium CVE-2021-37962 : Use after free in Performance
Manager. Reported by Sri on 2021-07-22
[$3000][1199865] Medium CVE-2021-37963 : Side-channel information leakage in
DevTools. Reported by Daniel Genkin and Ayush Agarwal, University of Michigan,
Eyal Ronen and Shaked Yehezkel, Tel Aviv University, Sioli O'Connell,
University of Adelaide, and Jason Kim, Georgia Institute of Technology on
2021-04-16
[$3000][1203612] Medium CVE-2021-37964 : Inappropriate implementation in
ChromeOS Networking. Reported by Hugo Hue and Sze Yiu Chau of the Chinese
University of Hong Kong on 2021-04-28
[$3000][1239709] Medium CVE-2021-37965 : Inappropriate implementation in
Background Fetch API. Reported by Maurice Dauer on 2021-08-13
[$TBD][1238944] Medium CVE-2021-37966 : Inappropriate implementation in
Compositing. Reported by Mohit Raj (shadow2639) on 2021-08-11
[$TBD][1243622] Medium CVE-2021-37967 : Inappropriate implementation in
Background Fetch API. Reported by SorryMybad (@S0rryMybad) of Kunlun Lab on
2021-08-26
[$TBD][1245053] Medium CVE-2021-37968 : Inappropriate implementation in
Background Fetch API. Reported by Maurice Dauer on 2021-08-30
[$TBD][1245879] Medium CVE-2021-37969 : Inappropriate implementation in Google
Updater. Reported by Abdelhamid Naceri (halov) on 2021-09-02
[$TBD][1248030] Medium CVE-2021-37970 : Use after free in File System API.
Reported by SorryMybad (@S0rryMybad) of Kunlun Lab on 2021-09-09
[$1000][1219354] Low CVE-2021-37971 : Incorrect security UI in Web Browser UI.
Reported by Rayyan Bijoora on 2021-06-13
[$TBD][1234259] Low CVE-2021-37972 : Out of bounds read in libjpeg-turbo.
Reported by Xu Hanyu and Lu Yutao from Panguite-Forensics-Lab of Qianxin on
2021-07-29
We would also like to thank all security researchers that worked with us during
the development cycle to prevent security bugs from ever reaching the stable
channel.As usual, our ongoing internal security work was responsible for a wide
range of fixes:
o [1251653] Various fixes from internal audits, fuzzing and other initiatives
Many of our security bugs are detected using AddressSanitizer, MemorySanitizer,
UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.
Interested in switching release channels? Find out how here. If you find a new
issue, please let us know by filing a bug. The community help forum is also a
great place to reach out for help or learn about common issues.
Srinivas Sista
Google Chrome
ZMCIRT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. ZMCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Internet Email: report@cirt.zm
Telephone: 7070
ZMCIRT personnel answer during Zambian business hours
which are 8am to 5pm.
On call after hours for member emergencies only.
===========================================================================
Copyright @2023 ZAMBIA CIRT