Google recently started rolling out a new Chrome desktop update for Windows, Mac And Linux. The reason for this is that there are many security holes in the current version of the browser.
Chrome desktop update comes under version number 90.0.4430.85 and comes with seven different security patches. In the Chrome versions section of Google Blog The company describes five of the errors it found.
Chromebook errors listed
The five bugs were reported in March and April of this year and fixed by outside researchers. These include the CVE-2021-21222: V8 buffer overrun. With buffer overflow, software writes data to buffer that doesn’t have enough space for it. Heap buffer overflow is a variation of this, as the overflow occurs in the heap data area.
The other vulnerability that has been addressed is CVE-2021-21224, which is a kind of confusion in V8. Usually some kind of confusion results from a piece of code that doesn’t check the type of object being passed in. Google notes that the company understands that this vulnerability exists “in the wild.”
In addition, the Google Chrome The update also fixes CVE-2021-21223: Mojo integer overrun, CVE-2021-21225: Out-of-bounds memory access in V8 and CVE-2021-21226: “Use after free” error in Navigation. The latter relates to the incorrect use of dynamic memory during a certain procedure in the program.
Google thanks the five outside researchers in its blog post, saying its homeland security team is responsible for a wide range of Chrome fixes. These are, among other things, the result of internal controls and ambiguities. Several errors were detected with AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Intergrity, libFuzzer, and AFL.