Google Fixes Chrome OS Holes

Tuesday, April 16, 2013 @ 03:04 PM gHale


Google fixed a series of serious vulnerabilities in its Chrome OS, including three high-risk bugs that could lead to code execution on vulnerable machines.

All of the vulnerabilities that Google fixed in Chrome OS are in the O3D plugin, an API that enables developers to create 3D applications for the Web. Three of the vulnerabilities are high-risk and the other flaw is a medium severity bug.

The following are the vulnerabilities that Google fixed in Chrome OS 26:
• [227197] Medium CVE-2013-2832: Uninitialized memory left in buffer in O3D plug-in. Credit to Ralf-Philipp Weinmann.
• [227181] High CVE-2013-2833: Use-after-free in O3D plug-in. Credit to Ralf-Philipp Weinmann.
• [227158] High CVE-2013-2834: Origin lock bypass of O3D and Google Talk plug-ins. Credit to Ralf-Philipp Weinmann.
• [196456] High CVE-2013-2835: Origin lock bypass of O3D and Google Talk plug-ins. Credit to Google Chrome Security Team (Chris Evans).

Ralf-Philipp Weinmann, the researcher who discovered three of the flaws, received $31,336 in bug bounties from Google for his work. That’s at the highest end of the rewards that Google pays out in its Chromium reward program. Most of the rewards are in the $1,000-$3,000 range, with some going above that, depending upon the severity of the vulnerability and difficulty of exploitation.

“We’re pleased to reward Ralf-Philipp Weinmann $31,336 under the Chromium Vulnerability Rewards Program for a chain of three bugs, including demo exploit code and very detailed write-up. We are grateful to Ralf for his work to help keep our users safe,” said Ben Henry of the Chrome team.


