CVE-2017-5029 was discovered in the handling of extensions in Google Chrome prior to version 66. This issue is due to the extensions API not checking for extensions loading successfully. A remote attacker could exploit this to bypass extension restrictions.
This issue was fixed in version 66.0.3359.117.
CVE-2017-5037 was discovered in the handling of extensions in Google Chrome prior to version 67. This issue is due to the extensions API not checking for extensions loading successfully. A remote attacker could exploit this to bypass extension restrictions.
This issue was fixed in version 67.0.3396.62.
CVE-2017-5038 was discovered in the handling of extensions in Google Chrome prior to version 67. This issue is due to the extensions API not checking for extensions loading successfully. A remote attacker could exploit this to bypass extension restrictions.This issue was fixed in version 67.0.3396.62.
This issue was fixed in version 67.0.3396.62.
CVE-2017-5039 was discovered in the handling of extensions in Google Chrome prior to version 67. This issue is due to the extensions API not checking for extensions loading successfully. A remote attacker could exploit this to bypass extension restrictions.This issue was fixed in version 67.0.3396.62.
CVE-2017-5040 was discovered in the handling of extensions in Google Chrome prior to version 67. This issue is due to
^^
This issue was fixed in version 67.0.3396.62.
CVE-2017-5041 was discovered in the handling of extensions in Google Chrome prior to version 67. This issue is due to the extensions API not checking for extensions loading successfully. A remote attacker could exploit this to bypass extension restrictions.This issue was fixed in version 67.0.3396.62.
CVE-2017-5042 was discovered in the handling of extensions in Google Chrome before 68 on OS X only, and Google Chrome before 69 on Windows, Linux, and OS X only, when using hardware acceleration . This issue is due to a race condition that allows a remote attacker to execute arbitrary code with chrome privileges .
This issue was fixed in versions 69 and later
Instalation and Update of Browser software
The issue was fixed in version 67.0.3396.62.
How to fix Chrome OS and Browser Setup – Step 1: Turn off automatic updates
This issue was fixed in version 67.0.3396.62.
CVE-2017-5041 was discovered in the handling of extensions in Google Chrome prior to version 68. This issue is due to the extensions API not checking for extensions loading successfully. A remote attacker could exploit this to bypass extension restrictions.
This issue was fixed in version 68.0.3440.24
Timeline
Published on: 02/12/2022 00:15:00 UTC
Last modified on: 04/19/2022 03:36:00 UTC
References
- https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html
- https://crbug.com/1260129
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0102