Use after free in WebRTC in Google Chrome before 77.0.3865.120 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Synopsis
Critical: chromium-browser security update
Type/Severity
Security Advisory: Critical
Topic
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scor ...
Several vulnerabilities have been discovered in the chromium web browser
CVE-2019-5869
Zhe Jin discovered a use-after-free issue
CVE-2019-5870
Guang Gong discovered a use-after-free issue
CVE-2019-5871
A buffer overflow issue was discovered in the skia library
CVE-2019-5872
Zhe Jin discovered a use-after-free issue
CVE-2019-58 ...
The Stable channel has been updated to 7703865120 for Windows, Mac, and Linux This will roll out over the coming days/weeks A list of all changes is available in the log
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix We will also retain restric ...
chrome-webrtc-poc
CVE-2019-13694
References:
bugschromiumorg/p/chromium/issues/detail?id=1005251
Other bugs
Not patched in current stable version, but will be patched soon( already patched in Chrome Beta 83 )