
Government Of India Warns Of Severe Vulnerabilities In Chrome, ChromeOS

The government of India has warned Google Chrome and ChromeOS users of severe vulnerabilities. Here’s what you need to know.

The Indian Computer Emergency Response Team (CERT-In), which operates under the Ministry of Electronics and Information Technology (MeitY), has warned users of a slew of vulnerabilities in ChromeOS and the Chrome browser.

The nodal agency, which deals with cyber security threats, has updated its official website with Vulnerability Notes CIVN-2023-0343 and CIVN-2023-0342.

The agency has also listed the vulnerabilities and the affected versions. The website urges users to update their browsers and Chromebooks to the latest versions to prevent issues.

Google Chrome, Chromebooks Affected By Security Vulnerabilities

The vulnerabilities affecting Chromebooks and Google Chrome carry High severity ratings. According to Vulnerability Notes CIVN-2023-0343 and CIVN-2023-0342, hackers can exploit these vulnerabilities to gain access to the victim’s system and bypass security protection systems on the exposed device.

Furthermore, the security note implies the vulnerabilities are linked to a use-after-free flaw in the Web Audio component of Google Chrome and ChromeOS. Here’s the list of vulnerable software versions published by CERT-In.

  • Google ChromeOS LTS channel version prior to 114.0.5735.339 (Platform version 15437.76.0)
  • Google Chrome versions prior to 119.0.6045.123 for Linux and Mac
  • Google Chrome versions prior to 119.0.6045.123/.124 for Windows

Moreover, the list of vulnerabilities includes:

ChromeOS: CVE-2023-5472, CVE-2023-35688, CVE-2023-21401, CVE-2023-21263, CVE-2023-38545, CVE-2023-5481 and CVE-2023-5474

Chrome: CVE-2023-5996

Risks Posed by These Vulnerabilities

As per the CERT-In security notes, these vulnerabilities are caused by a use-after-free in Profiles, issues in the Linux kernel, a heap buffer overflow in PDF and an inappropriate implementation in Downloads.

Attackers can use these vulnerabilities to force a victim to visit a specially crafted request on the targeted system. This will allow them to execute arbitrary code or cause denial-of-service (DoS) conditions and bypass security on the affected system.

After acknowledging these vulnerabilities, Google rolled out patches for Chrome and ChromeOS.
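To confirm the patches have actually reached every machine, the version floors listed above can be checked against a software inventory. The script below is an added example, not part of the CERT-In notes or the original article; the platform labels, host names and sample inventory are constructed, and for Windows it assumes the lower of the two listed builds (.123) as the floor.

```python
import re

# Fixed versions as listed on this page (CIVN-2023-0342 / CIVN-2023-0343).
# Assumption: for Windows (".123/.124") the lower build is used as the floor.
FIXED = {
    "linux": "119.0.6045.123",
    "mac": "119.0.6045.123",
    "windows": "119.0.6045.123",
    "chromeos-lts": "114.0.5735.339",  # ChromeOS LTS channel only
}
_VERSION_RE = re.compile(r"^\d+(\.\d+){3}$")

def parse_version(text):
    """Turn 'MAJOR.MINOR.BUILD.PATCH' into a tuple of ints; reject anything else."""
    text = text.strip()
    if not _VERSION_RE.match(text):
        raise ValueError(f"not a four-part Chrome version: {text!r}")
    # Compare numerically: as strings, '...6045.99' would sort after '...6045.123'.
    return tuple(int(part) for part in text.split("."))

def assess(platform, version):
    """Return 'vulnerable', 'patched' or 'unknown' for one inventory record."""
    fixed = FIXED.get(platform.lower())
    if fixed is None:
        return "unknown"  # platform or channel not covered by the list above
    try:
        installed = parse_version(version)
    except ValueError:
        return "unknown"  # malformed version: needs manual follow-up
    return "vulnerable" if installed < parse_version(fixed) else "patched"

def triage(inventory):
    """Group host names by assessment result."""
    results = {"vulnerable": [], "patched": [], "unknown": []}
    for host, platform, version in inventory:
        results[assess(platform, version)].append(host)
    return results

# Constructed sample inventory: (host, platform label, installed version).
SAMPLE = [
    ("ws-001", "windows", "119.0.6045.124"),
    ("ws-002", "windows", "119.0.6045.105"),
    ("dev-01", "linux", "118.0.5993.117"),
    ("mac-07", "mac", "119.0.6045.123"),
    ("cb-12", "chromeos-lts", "114.0.5735.338"),
    ("cb-13", "chromeos-lts", "114.0.5735.339"),
    ("kiosk-3", "windows", "119.0.6045"),  # truncated version string
]

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(f"{status}: {', '.join(hosts)}")
```

Hosts reported as unknown need a manual check rather than being treated as patched.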

Vinay Patel
