CERT-In Vulnerability Note
CIVN-2024-0330
Multiple Vulnerabilities in Google Chrome
Original Issue Date:October 28, 2024
Severity Rating: HIGH
Software Affected
- Google Chrome versions prior to 130.0.6723.69/.70 for Window and Mac
- Google Chrome versions prior to 130.0.6723.69 for Linux
Overview
Multiple vulnerabilities have been reported in Google Chrome which could allow a remote attacker to execute arbitrary code on the targeted system.
Description
These vulnerabilities exists in Google Chrome due to Inappropriate implementation in Extensions and Type Confusion in V8. A remote attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted web page.
Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code on the targeted system.
Solution
Apply appropriate updates as mentioned by the vendor
https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html
Vendor Information
Google Chrome
https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html
References
Google Chrome
https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html
CVE Name
CVE-2024-10229
CVE-2024-10230
CVE-2024-10231
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in Phone: +91-11-22902657
Postal address
Indian Computer Emergency Response Team (CERT-In) Ministry of Electronics and Information Technology Government of India Electronics Niketan 6, CGO Complex, Lodhi Road, New Delhi - 110 003 India
|