Google Chrome < 96.0.4664.45 Multiple Vulnerabilities

critical Nessus Plugin ID 155353

Synopsis

A web browser installed on the remote macOS host is affected by multiple vulnerabilities.

Description

The version of Google Chrome installed on the remote macOS host is prior to 96.0.4664.45. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_11_stable-channel-update-for-desktop advisory.

- Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38017)

- Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38005)

- Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38006, CVE-2021-38011)

- Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38007, CVE-2021-38012)

- Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38008)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Google Chrome version 96.0.4664.45 or later.

See Also

http://www.nessus.org/u?8cf8e77e

https://crbug.com/1254189

https://crbug.com/1263620

https://crbug.com/1260649

https://crbug.com/1240593

https://crbug.com/1241091

https://crbug.com/1264477

https://crbug.com/1268274

https://crbug.com/1262791

https://crbug.com/1242392

https://crbug.com/1248567

https://crbug.com/957553

https://crbug.com/1244289

https://crbug.com/1256822

https://crbug.com/1197889

https://crbug.com/1251179

https://crbug.com/1259694

https://crbug.com/1233375

https://crbug.com/1248862

Plugin Details

Severity: Critical

ID: 155353

File Name: macosx_google_chrome_96_0_4664_45.nasl

Version: 1.10

Type: local

Agent: macosx

Published: 11/15/2021

Updated: 5/6/2022

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2021-38017

CVSS v3

Risk Factor: Critical

Base Score: 9.6

Temporal Score: 8.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2021-38013

Vulnerability Information

CPE: cpe:/a:google:chrome

Required KB Items: MacOSX/Google Chrome/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/15/2021

Vulnerability Publication Date: 11/15/2021

Reference Information

CVE: CVE-2021-38005, CVE-2021-38006, CVE-2021-38007, CVE-2021-38008, CVE-2021-38009, CVE-2021-38010, CVE-2021-38011, CVE-2021-38012, CVE-2021-38013, CVE-2021-38014, CVE-2021-38015, CVE-2021-38016, CVE-2021-38017, CVE-2021-38018, CVE-2021-38019, CVE-2021-38020, CVE-2021-38021, CVE-2021-38022

IAVA: 2021-A-0555-S