Hello everyone,
Chrome stable channel has been updated to 89.0.4389.72 for Windows, macOS, and Linux. This update comes with fixes for several high severity vulnerabilities. The details of the vulnerabilities are as follows:CVE ID | Vulnerability | Severity |
CVE-2021-21159 | Heap buffer overflow in TabStrip | High |
CVE-2021-21160 | Heap buffer overflow in WebAudio | High |
CVE-2021-21161 | Heap buffer overflow in TabStrip | High |
CVE-2021-21162 | Use after free in WebRTC | High |
CVE-2021-21163 | Insufficient data validation in Reader Mode | High |
CVE-2021-21164 | Insufficient data validation in Chrome for iOS | High |
CVE-2021-21165 | Object lifecycle issue in audio | High |
CVE-2021-21166 | Object lifecycle issue in audio | High |
CVE-2021-21167 | Use after free in bookmarks | Medium |
CVE-2021-21168 | Insufficient policy enforcement in appcache | Medium |
CVE-2021-21169 | Out of bounds memory access in V8 | Medium |
CVE-2021-21170 | Incorrect security UI in Loader | Medium |
CVE-2021-21171 | Incorrect security UI in TabStrip and Navigation | Medium |
CVE-2021-21172 | Insufficient policy enforcement in File System API | Medium |
CVE-2021-21173 | Side-channel information leakage in Network Internals | Medium |
CVE-2021-21174 | Inappropriate implementation in Referrer | Medium |
CVE-2021-21175 | Inappropriate implementation in Site isolation | Medium |
CVE-2021-21176 | Inappropriate implementation in full screen mode | Medium |
CVE-2021-21177 | Insufficient policy enforcement in Autofill | Medium |
CVE-2021-21178 | Inappropriate implementation in Compositing | Medium |
CVE-2021-21179 | Use after free in Network Internals | Medium |
CVE-2021-21180 | Use after free in tab search | Medium |
CVE-2020-27844 | Heap buffer overflow in OpenJPEG | Medium |
CVE-2021-21181 | Side-channel information leakage in autofill | Medium |
CVE-2021-21182 | Insufficient policy enforcement in navigations | Low |
CVE-2021-21183 | Inappropriate implementation in performance APIs | Low |
CVE-2021-21184 | Inappropriate implementation in performance APIs | Low |
CVE-2021-21185 | Insufficient policy enforcement in extensions | Low |
CVE-2021-21186 | Insufficient policy enforcement in QR scanning | Low |
CVE-2021-21187 | Insufficient data validation in URL formatting | Low |
CVE-2021-21188 | Use after free in Blink | Low |
CVE-2021-21189 | Insufficient policy enforcement in payments | Low |
CVE-2021-21190 | Uninitialized Use in PDFium | Low |
Patch ID | Bulletin ID | Patch Description |
318597 | TU-017 | Google Chrome (89.0.4389.72) |
318598 | TU-017 | Google Chrome (x64) (89.0.4389.72) |
Cheers,
The ManageEngine Team