Google has rolled out the latest version of its Chrome browser, Chrome 127. This release brings a host of improvements, prominently featuring 24 security-related fixes. Available for Windows, macOS, and Linux, the new update promises enhanced functionality and addresses several critical issues.
High severity vulnerabilities addressed are:
- CVE-2024-6988: A “use after free” vulnerability in the browser’s Downloads component.
- CVE-2024-6989: Another “use after free” vulnerability, this time in the Loader component.
- CVE-2024-6991: A third “use after free” vulnerability, affecting the Dawn component.
- CVE-2024-6992: An out-of-bounds memory access issue in the ANGLE graphics library.
- CVE-2024-6993: An inappropriate implementation vulnerability in the Canvas component.
Advertisements
Medium severity vulnerabilities addressed are:
- CVE-2024-6994: Heap buffer overflow in Layout.
- CVE-2024-6995: Inappropriate implementation in Fullscreen.
- CVE-2024-6996: Race in Frames.
- CVE-2024-6997: Use after free in Tabs.
- CVE-2024-6998: Use after free in User Education
- CVE-2024-6999: Inappropriate implementation in FedCM.
- CVE-2024-7000: Use after free in CSS.
- CVE-2024-7001: Inappropriate implementation in HTML.
Low severity Vulnerabilities addressed are:
- CVE-2024-7003: Inappropriate implementation in FedCM.
- CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing.
- CVE-2024-7005: Insufficient validation of untrusted input in Safe Browsing.
Google is already rolling out Chrome 127 for Windows, macOS, and Linux, so be sure to check for updates to ensure you’re protected from potential attacks.
