|CERT-In Vulnerability Note
Multiple Vulnerabilities in Google ChromeOS
Original Issue Date:November 14, 2023
Severity Rating: HIGH
- Google ChromeOS LTS channel version prior to 114.0.5735.339 (Platform Version: 15437.76.0)
Multiple vulnerabilities have been reported in Google ChromeOS which could allow an attacker to execute arbitrary code or cause denial-of-service (DoS) condition and bypass security on the targeted system.
These vulnerabilities exist in Google ChromeOS due to use after free in profiles, inappropriate implementation in downloads, heap buffer overflow in pdf and issue in Linux Kernel. An attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted request on the targeted system.
Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause denial-of-service (DoS) condition and bypass security on the targeted system.
Update to Google ChromeOS LTS channel version 114.0.5735.339 as mentioned by the vendor.
The information provided herein is on "as is" basis, without warranty of any kind.
Email: email@example.com Phone: +91-11-24368572
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
6, CGO Complex, Lodhi Road,
New Delhi - 110 003