Google Sanitizes Chrome 15 for Memory Flaws


The general idea behind rewarding security researchers for finding flaws is that they will actually find flaws. That's precisely what is happening at Google with the Chrome web browser. Google is now out with Chrome 15, fixing a large number of flaws found by third-party researchers who are being paid bug bounties for their efforts.

Google is fixing over 27 flaws and paying $26,511 in bug bounties to security researchers. The biggest payout is headed to researcher Sergey Glazunov for a number of flaws. Glazunov earned $12,174 for five high impact flaws that Google describes as cross-origin policy violations. Glazunov earned an additional $1,500 for a medium impact flaw related to cookie theft with JavaScript URIs.

Other high impact flaws fixed in Chrome 15 include:

  • CVE-2011-2845: URL bar spoof in history handling.
  • CVE-2011-3882: Use-after-free in media buffer handling.
  • CVE-2011-3883: Use-after-free in counter handling.
  • CVE-2011-3884: Timing issues in DOM traversal.
  • CVE-2011-3885: Stale style bugs leading to use-after-free.
  • CVE-2011-3886: Out-of-bounds writes in v8.
  • CVE-2011-3888: Use-after-free with plug-in and editing.
  • CVE-2011-3889: Heap overflow in Web Audio.
  • CVE-2011-3890: Use-after-free in video source handling.
  • CVE-2011-3891: Exposure of internal v8 functions.

Ten flaws fixed in the Chrome 15 update were discovered with an open source project called AddressSanitizer. AddressSanitizer is a memory error detector for C/C++ that helps identify out-of-bounds accesses as well as use-after-free conditions.
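To show what AddressSanitizer catches and how a bounds-checked API avoids the same class of bug, here is an added, self-contained C example (not Chromium code and not from the article). It uses a constructed `media_buffer` type as a stand-in for the kind of object listed above; the checked writer is the default path, while the heap-overflow and use-after-free demonstrations only compile when `DEMO_BUGS` is defined, so the program can be built normally, or with `-fsanitize=address` to watch the sanitizer report each bug and abort.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-in for a media buffer (example type, not Chromium's). */
typedef struct {
    size_t len;
    unsigned char *data;
} media_buffer;

media_buffer *media_buffer_new(size_t len) {
    media_buffer *b = malloc(sizeof *b);
    if (!b) return NULL;
    b->data = calloc(len, 1);
    if (!b->data) { free(b); return NULL; }
    b->len = len;
    return b;
}

void media_buffer_free(media_buffer *b) {
    if (!b) return;
    free(b->data);
    free(b);
}

/* Checked write: every offset is validated against the allocation size.
   Returns 0 on success, -1 if the offset is out of range. */
int media_buffer_write(media_buffer *b, size_t off, unsigned char v) {
    if (!b || off >= b->len) return -1;
    b->data[off] = v;
    return 0;
}

/* Allocates n bytes, writes v at off through the checked API and returns
   the byte read back, or -1 if the write was rejected. */
int checked_roundtrip(size_t n, size_t off, unsigned char v) {
    media_buffer *b = media_buffer_new(n);
    if (!b) return -1;
    int r = (media_buffer_write(b, off, v) == 0) ? b->data[off] : -1;
    media_buffer_free(b);
    return r;
}

/* Attempts 10 writes into an 8-byte buffer; returns how many were rejected
   by the bounds check instead of corrupting the heap. */
int demo_checked(void) {
    media_buffer *b = media_buffer_new(8);
    int rejected = 0;
    if (!b) return -1;
    for (size_t i = 0; i < 10; i++)
        if (media_buffer_write(b, i, 1) != 0) rejected++;
    media_buffer_free(b);
    return rejected;
}

#ifdef DEMO_BUGS
/* Build with:  cc -g -fsanitize=address -DDEMO_BUGS asan_demo.c
   Each function below trips an AddressSanitizer report and aborts. */
static void demo_heap_overflow(void) {
    media_buffer *b = media_buffer_new(8);
    b->data[8] = 1;            /* one past the end: "heap-buffer-overflow" */
    media_buffer_free(b);
}

static void demo_use_after_free(void) {
    media_buffer *b = media_buffer_new(8);
    unsigned char *stale = b->data;
    media_buffer_free(b);
    printf("%u\n", stale[0]); /* read of freed memory: "heap-use-after-free" */
}
#endif

int main(void) {
    printf("rejected out-of-range writes: %d\n", demo_checked());
#ifdef DEMO_BUGS
    demo_heap_overflow();
    demo_use_after_free();
#endif
    return 0;
}
```

Without the sanitizer the two buggy functions usually run silently or crash unpredictably, which is exactly why such bugs survive in shipping code; with `-fsanitize=address` the first out-of-bounds byte and the first stale read are reported with a stack trace at the moment they happen.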

In addition to the identified flaws, Chrome 15 also provides a new mitigation to help protect against the SSL BEAST attack. BEAST takes advantage of a known weakness in TLS 1.0, the version of the SSL protocol most browsers still use.

"Although Chrome is not directly affected by the attack, the NSS network library was updated to include a defense against so-called BEAST," Google Chrome developer, Karen Grunberg blogged.

Looking beyond security fixes, Google has also made some incremental feature improvements in Chrome 15. There is a new New Tab page layout that shows a user's most visited sites. Additionally, Google has updated the look of the Chrome Web Store.

"Apps and extensions are now presented in a wall of images that’s updated every time you visit the store," Google Product Manager, Shannon Guymon blogged. "We hope this will help you quickly scan the store and find interesting things to try out. In addition, apps and extensions are easier to install—just hover over an image on the grid and click Add to Chrome."

Sean Michael Kerner is a senior editor at InternetNews.com, the news service of Internet.com, the network for technology professionals.