Google e thehile ntlafatso ho Chrome 89.0.4389.128, e lokisang likotsi tse peli (CVE-2021-21206, CVE-2021-21220), tseo mesebetsi e sebetsang e fumanehang (0-letsatsi). Ho ba kotsing ea CVE-2021-21220 ho sebelisitsoe ho senya Chrome tlholisanong ea Pwn2Own 2021.
Tšebeliso ea ts'oaetso ena e etsoa ka ts'ebetsong ea mokhoa o itseng oa khoutu ea WebAssembly e hlophisitsoeng (bothata bo bakoa ke phoso mochine oa sebele oa WebAssembly, o u lumellang hore u ngole kapa u bale data ho aterese e sa lumellaneng mohopolong). Hoa hlokomeloa hore ts'ebetso e bonts'itsoeng ha e lumelle motho ho feta ho itšehla thajana 'me tlhaselo e felletseng e hloka ho sibolloa ha bofokoli bo bong ba ho tsoa ka lebokoseng la lehlabathe (bofokoli bo joalo bo ile ba bontšoa bakeng sa Windows tlholisanong ea Pwn2Own 2021).
Mohlala oa ts'ebeliso ea bothata bona o phatlalalitsoe ho GitHub kamora hore enjene ea V8 e lokisoe, empa ntle le ho emela ntlafatso ea sebatli e thehiloeng ho eona hore e hlahisoe (le haeba ts'ebeliso e ne e sa phatlalatsoa, bahlaseli ba ile ba khona ho etsa bocha. e ipapisitse le tlhahlobo ea liphetoho sebakeng sa polokelo ea V8, e seng e etsahetse pejana ka lebaka la boemo boo tokiso ea V8 e seng e hatisitsoe, empa lihlahisoa tse thehiloeng ho eona ha li so ntlafatsoe).
Ntle le moo, o ka hlokomela phetoho ea kemiso ea phatlalatso bakeng sa tokollo ea Chrome 90 bakeng sa Linux, Windows le macOS. Tokollo ena e ne e reriloe ka la 13 Mmesa, empa ha ea phatlalatsoa maobane, mme ke mofuta oa Android feela o lokollotsoeng. Tokollo e 'ngoe ea beta ea Chrome 90 e thehiloe kajeno. Letsatsi le lecha la tokollo ha le so phatlalatsoe.
Source: opennet.ru