Google Chrome 91.0.4472.164 yangilanishini yaratdi, u 8 ta zaiflikni, jumladan CVE-2021-30563 muammosini tuzatadi, allaqachon tajovuzkorlar tomonidan ekspluatatsiyalarda foydalaniladi (0 kun). Tafsilotlar hali oshkor etilmagan, biz faqat zaiflik V8 JavaScript dvigatelida noto'g'ri ishlash (Type chalkashlik) tufayli yuzaga kelganligini bilamiz.
Π‘ΡΠ΅Π΄ΠΈ Π΄ΡΡΠ³ΠΈΡ
ΡΡΠ·Π²ΠΈΠΌΠΎΡΠΈΠ΅ΠΉ: ΡΡΠΈ ΠΏΡΠΎΠ±Π»Π΅ΠΌΡ Ρ ΠΎΠ±ΡΠ°ΡΠ΅Π½ΠΈΠ΅ΠΌ ΠΊ ΠΏΠ°ΠΌΡΡΠΈ ΠΏΠΎΡΠ»Π΅ Π΅Ρ ΠΎΡΠ²ΠΎΠ±ΠΎΠΆΠ΄Π΅Π½ΠΈΡ (Use after free) Π² V8, Blink XSLT ΠΈ WebSerial; Π΅ΡΡ ΠΎΠ΄Π½Π° ΠΏΡΠΎΠ±Π»Π΅ΠΌΠ° Ρ ΠΎΠ±ΡΠ°Π±ΠΎΡΠΊΠΎΠΉ ΡΠΈΠΏΠΎΠ² (Type Confusion) Π² V8; ΠΏΠ΅ΡΠ΅ΠΏΠΎΠ»Π½Π΅Π½ΠΈΡ Π±ΡΡΠ΅ΡΠΎΠ² Π² ANGLE ΠΈ WebXR.
Manba: opennet.ru