Multiple Vulnerabilities in Google ChromeOS
Publish Date : June 12, 24
Severity Rating: HIGH
Affected version:
• LTS channel for Google ChromeOS versions prior to 120.0.6099.314 (Platform Version: 15662.111)
Overview
Remote code execution vulnerabilities have been reported in LTS channel for ChromeOS which could be exploited by a remote attacker to execute arbitrary code on the targeted system.
Description
These vulnerabilities exist in LTS channel for ChromeOS Out of bounds component write in Streams API and Type Confusion in V8.A remote attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted Web page.
Successful exploitation of these vulnerabilities could allow remote attacker to execute arbitrary code on the targeted system.
Solution
Apply appropriate updates as mentioned in the advisory:
https://chromereleases.googleblog.com/2024/06/long-term-support-channel-update-for_10.html
Vendor Information
Google Chrome
https://chromereleases.googleblog.com/2024/06/long-term-support-channel-update-for_10.html
References
Google Chrome
https://chromereleases.googleblog.com/2024/06/long-term-support-channel-update-for_10.html
CVE Name
CVE-2024-5499
CVE-2024-5274