Double free in DOMStorage in Google Chrome before 73.0.3683.75 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Synopsis
Important: chromium-browser security update
Type/Severity
Security Advisory: Important
Topic
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability S ...
Several vulnerabilities have been discovered in the chromium web browser
CVE-2019-5787
Zhe Jin discovered a use-after-free issue
CVE-2019-5788
Mark Brand discovered a use-after-free issue in the FileAPI
implementation
CVE-2019-5789
Mark Brand discovered a use-after-free issue in the WebMIDI
implementation
CVE-2019-5790
...
The Chrome team is delighted to announce the promotion of Chrome 73 to the stable channel for Windows, Mac and Linux This will roll out over the coming days/weeks
Chrome 730368375 contains a number of fixes and improvements -- a list of changes is available in the log Watch out for upcoming Chrome and Chromium blog po ...
There's a race condition in the destruction of the BindingState for bindings to the StoragePartitionService
It looks like the root cause of the issue is that since we can get two concurrent calls to callbacks returned from mojo::BindingSet::GetBadMessageCallback() from the same BindingSet, which results in a data race destroying the same BindingS ...