Google ya ƙirƙiri sabuntawa zuwa Chrome 93.0.4577.82, wanda ke gyara lahani 11, gami da matsalolin biyu waɗanda maharan suka rigaya suka yi amfani da su a cikin fa'ida (0-day). Har yanzu ba a bayyana cikakkun bayanai ba, kawai mun san cewa raunin farko (CVE-2021-30632) yana faruwa ne ta hanyar kuskuren da ke haifar da rashin iya rubutu a cikin injin V8 JavaScript, da matsala ta biyu (CVE-2021- 30633) yana cikin aiwatar da Indexed DB API kuma yana da alaƙa da samun damar wurin ƙwaƙwalwar ajiya bayan an 'yanta shi (amfani-bayan-kyauta).
Sauran raunin sun haɗa da: matsaloli guda biyu da ke haifar da samun damar ƙwaƙwalwar ajiya bayan an sake shi a cikin Zaɓin da Izinin API; kuskuren sarrafa nau'ikan (Nau'in Rudani) a cikin injin Blink; Matsakaicin buffer a cikin Layer ANGLE (Kusan Ƙwararrun Zane-zane na Ƙasa). Duk rashin lahani sun sami matsayi mai haɗari. Ba a gano wasu matsaloli masu mahimmanci waɗanda ke ba wa mutum damar ketare duk matakan kariya na burauza ba da aiwatar da lamba akan tsarin a wajen mahallin sandbox.
source: budenet.ru