Linux News

Chrome update 93.0.4577.82 fixing 0-day vulnerabilities

Pinterest LinkedIn Tumblr

Google has formed a Chrome 93.0.4577.82 update, which fixes 11 vulnerabilities, including two issues already used by hackers exploits (0-day). The details have not yet been disclosed, it is only known that the first vulnerability (CVE-2021-30632) is caused by an error leading to an out-of-buffer write in the V8 JavaScript engine, and the second problem (CVE-2021-30633) is present in the Indexed DB API implementation and is connected with access to the memory area after its release (use-after-free).

Firefox 94 will change the output for X11 to use EGL by default

Other vulnerabilities include: two problems caused by accessing memory after it has been freed in the Selection and Permissions API; incorrect handling of types (Type Confusion) in the Blink engine; a buffer overflow in the ANGLE (Almost Native Graphics Layer Engine). All vulnerabilities have received the status of dangerous. Critical issues that individually allow bypassing all levels of browser protection and executing code on the system outside the sandbox environment have not been identified.

Write A Comment

Exit mobile version