This issue was addressed by improved validation of renderer process script origins. After the renderer process is created, origin restrictions are now enforced.
CVE-2018-5407: Google Chrome prior to version 72 did not properly restrict the renderer process’s access to the file system.
As a result, an attacker could potentially have established a remote channel to download and run arbitrary code on the device.
CVE-2018-5408: Google Chrome prior to version 72 allowed renderer processes to access content on local filesystems, which resulted in renderer processes being able to modify local files.
As a result, an attacker could potentially have established a remote channel to inject or steal local files.
CVE-2018-5409: Google Chrome prior to version 72 allowed renderer processes to access the file system, which resulted in renderer processes being able to read local files.
Factory data storage in Chrome prior to version 72 allowed renderer processes to access local files, which could lead to local files being exposed.
As a result, an attacker could potentially have established a remote channel to steal sensitive information from local files.
CVE-2018-5410: Google Chrome prior to version 72 allowed renderer processes to access the file system, which resulted in renderer processes being able to read local files.
Factory data storage in Chrome prior to version 72 allowed renderer processes to access local files, which could lead to local files
Authentication and session management
CVE-2018-5411: Google Chrome prior to version 72 allowed renderer processes to control the browser's clipboard, which could lead to data being exposed.
As a result, an attacker could potentially have established a remote channel to steal sensitive information from the clipboard.
CVE-2018-5412: Google Chrome prior to version 72 allowed renderer processes to access content on local filesystems, which resulted in an attacker being able to modify local files.
Factory data storage in Chrome prior to version 72 allowed renderer processes to access content on local filesystems, which could lead to an attacker being able to modify local files.
Protect Server Side Resources With Origin Verification
Server side resources, like scripts and stylesheets, should be protected with server-side origin validation.
Chrome OS
Security Enhancements
The following security enhancements have been implemented in Chrome OS:
- Enhanced sandboxing with a new entropy source.
- New app sandboxing policy.
- Improved policy enforcement checks to prevent privilege escalation.
- App can now be prevented from accessing USB devices without user approval.
Timeline
Published on: 07/21/2022 23:15:00 UTC
Last modified on: 08/15/2022 11:16:00 UTC