Google Chrome Chrome vulnerabilities

1,139 known vulnerabilities affecting google/chrome_chrome.

Total CVEs: 1,139
CISA KEV: 47 (actively exploited)
Public exploits: 9
Exploited in wild: 36
Severity breakdown: CRITICAL 58, HIGH 621, MEDIUM 339, LOW 104, UNKNOWN 17

Vulnerabilities

CVE-2021-4058 | HIGH | CVSS 8.8 | 2021-12-06
CVE-2021-4058 [HIGH] Stable Channel Update for Desktop: CVE-2021-4058 Stable Channel Update for Desktop CVE-2021-4058: Heap buffer overflow in ANGLE. Reported by Abraruddin Khan and Omair on 2021-11-06 [$TBD][ 1270990 ] High CVE-2021-4059: Insufficient data validation in loader Reported by Luan Herrera (@lbherrera_) on 2021-11-17 [$TBD][ 1271456 ] High CVE-2021-4061: Type Confusion in V8 Severity: high
chrome
CVE-2021-4068 | LOW | CVSS 6.5 | 2021-12-06
CVE-2021-4068 [LOW] Stable Channel Update for Desktop: CVE-2021-4068 Stable Channel Update for Desktop CVE-2021-4068: Insufficient validation of untrusted input in new tab page. Reported by NDevTK on 2021-10-31 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel Severity: low
chrome
CVE-2021-38011 | HIGH | CVSS 8.8 | 2021-11-15
CVE-2021-38011 [HIGH] Stable Channel Update for Desktop: CVE-2021-38011 Stable Channel Update for Desktop CVE-2021-38011: Use after free in storage foundation. Reported by Sergei Glazunov of Google Project Zero on 2021-11-09 [$15000][ 1262791 ] Medium CVE-2021-38012: Type Confusion in V8 Reported by Yonghwi Jin (@jinmo123) on 2021-10-24 [$10000][ 1242392 ] Medium CVE-2021-38013: Heap buffer overflow in fingerprint recognition Severity: high
chrome
CVE-2021-38007 | HIGH | CVSS 8.8 | 2021-11-15
CVE-2021-38007 [HIGH] Stable Channel Update for Desktop: CVE-2021-38007 Stable Channel Update for Desktop CVE-2021-38007: Type Confusion in V8. Reported by SGFvamll on 2021-09-29 [$NA][ 1241091 ] High CVE-2021-38005: Use after free in loader Reported by Sergei Glazunov of Google Project Zero on 2021-08-18 [$NA][ 1264477 ] High CVE-2021-38010: Inappropriate implementation in service workers Severity: high
chrome
CVE-2021-38008 | HIGH | CVSS 8.8 | 2021-11-15
CVE-2021-38008 [HIGH] Stable Channel Update for Desktop: CVE-2021-38008 Stable Channel Update for Desktop CVE-2021-38008: Use after free in media. Reported by Marcin Towalski of Cisco Talos on 2021-10-26 [$2000][ 1260649 ] High CVE-2021-38009: Inappropriate implementation in cache Reported by Luan Herrera (@lbherrera_) on 2021-10-16 [$NA][ 1240593 ] High CVE-2021-38006: Use after free in storage foundation Severity: high
chrome
CVE-2021-38017 | MEDIUM | CVSS 8.8 | 2021-11-15
CVE-2021-38017 [MEDIUM] Stable Channel Update for Desktop: CVE-2021-38017 Stable Channel Update for Desktop CVE-2021-38017: Insufficient policy enforcement in iframe sandbox. Reported by NDevTK on 2021-10-05 [$2000][ 1197889 ] Medium CVE-2021-38018: Inappropriate implementation in navigation Reported by Alesandro Ortiz on 2021-04-11 [$1000][ 1251179 ] Medium CVE-2021-38019: Insufficient policy enforcement in CORS Severity: medium
chrome
CVE-2021-38014 | MEDIUM | CVSS 8.8 | 2021-11-15
CVE-2021-38014 [MEDIUM] Stable Channel Update for Desktop: CVE-2021-38014 Stable Channel Update for Desktop CVE-2021-38014: Out of bounds write in Swiftshader. Reported by Atte Kettunen of OUSPG on 2021-09-10 [$3000][ 957553 ] Medium CVE-2021-38015: Inappropriate implementation in input Reported by David Erceg on 2019-04-29 [$3000][ 1244289 ] Medium CVE-2021-38016: Insufficient policy enforcement in background fetch Severity: medium
chrome
CVE-2021-38020 | MEDIUM | CVSS 4.3 | 2021-11-15
CVE-2021-38020 [MEDIUM] Stable Channel Update for Desktop: CVE-2021-38020 Stable Channel Update for Desktop CVE-2021-38020: Insufficient policy enforcement in contacts picker. Reported by Luan Herrera (@lbherrera_) on 2021-10-13 [$500][ 1233375 ] Medium CVE-2021-38021: Inappropriate implementation in referrer Reported by Prakash (@1lastBr3ath) and Jun Kokatsu on 2021-07-27 [$1000][ 1152952 ] Low CVE-2021-4316: Inappropriate implementation in Cast UI Severity: medium
chrome
CVE-2021-38022 | LOW | CVSS 6.5 | 2021-11-15
CVE-2021-38022 [LOW] Stable Channel Update for Desktop: CVE-2021-38022 Stable Channel Update for Desktop CVE-2021-38022: Inappropriate implementation in WebAuthentication. Reported by Michal Kepkowski on 2021-09-13 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel Severity: low
chrome
CVE-2021-37999 | HIGH | CVSS 6.1 | 2021-10-28
CVE-2021-37999 [HIGH] Stable Channel Update for Desktop: CVE-2021-37999 Stable Channel Update for Desktop CVE-2021-37999: Insufficient data validation in New Tab Page. Reported by Ashish Arun Dhone on 2021-09-21 [$N/A][ 1249962 ] High CVE-2021-38000 : Insufficient validation of untrusted input in Intents Reported by Clement Lecigne, Neel Mehta, and Maddie Stone of Google Threat Analysis Group on 2021-09-15 [$N/A][ 1260577 ] High CVE-2021-38001 : Type Confusion in V8 Severity: high
chrome
CVE-2021-37997 | HIGH | CVSS 8.8 | 2021-10-28
CVE-2021-37997 [HIGH] Stable Channel Update for Desktop: CVE-2021-37997 Stable Channel Update for Desktop CVE-2021-37997: Use after free in Sign-In. Reported by Wei Yuan of MoyunSec VLab on 2021-10-14 [$7500][ 1259587 ] High CVE-2021-37998 : Use after free in Garbage Collection Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp Severity: high
chrome
CVE-2021-37984 | HIGH | CVSS 8.8 | 2021-10-19
CVE-2021-37984 [HIGH] Stable Channel Update for Desktop: CVE-2021-37984 Stable Channel Update for Desktop CVE-2021-37984: Heap buffer overflow in PDFium. Reported by Antti Levomäki, Joonas Pihlaja and Christian Jalio from Forcepoint on 2021-09-27 [$5000][ 1241860 ] High CVE-2021-37985 : Use after free in V8 Reported by Yangkang (@dnpushme) of 360 ATA on 2021-08-20 [$6000][ 1242404 ] Medium CVE-2021-37986 : Heap buffer overflow in Settings Severity: high
chrome
CVE-2021-37981 | HIGH | CVSS 9.6 | 2021-10-19
CVE-2021-37981 [HIGH] Stable Channel Update for Desktop: CVE-2021-37981 Stable Channel Update for Desktop CVE-2021-37981: Heap buffer overflow in Skia. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-09-04 [$10000][ 1248661 ] High CVE-2021-37982 : Use after free in Incognito Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-09-11 [$10000][ 1249810 ] High CVE-2021-37983 : Use after free in Dev Tools Severity: high
chrome
CVE-2021-37987 | MEDIUM | CVSS 8.8 | 2021-10-19
CVE-2021-37987 [MEDIUM] Stable Channel Update for Desktop: CVE-2021-37987 Stable Channel Update for Desktop CVE-2021-37987: Use after free in Network APIs. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-05-08 [$5000][ 1228248 ] Medium CVE-2021-37988 : Use after free in Profiles Reported by raven (@raid_akame) on 2021-07-12 [$2000][ 1233067 ] Medium CVE-2021-37989 : Inappropriate implementation in Blink Severity: medium
chrome
CVE-2021-37993 | MEDIUM | CVSS 8.8 | 2021-10-19
CVE-2021-37993 [MEDIUM] Stable Channel Update for Desktop: CVE-2021-37993 Stable Channel Update for Desktop CVE-2021-37993: Use after free in PDF Accessibility. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp Severity: medium
chrome
CVE-2021-37990 | MEDIUM | CVSS 5.5 | 2021-10-19
CVE-2021-37990 [MEDIUM] Stable Channel Update for Desktop: CVE-2021-37990 Stable Channel Update for Desktop CVE-2021-37990: Inappropriate implementation in WebView. Reported by Kareem Selim of CyShield on 2021-09-07 [$TBD][ 1250660 ] Medium CVE-2021-37991 : Race in V8 Reported by Samuel Groß of Google Project Zero on 2021-09-17 [$TBD][ 1253746 ] Medium CVE-2021-37992 : Out of bounds read in WebAudio Severity: medium
chrome
CVE-2021-37996 | MEDIUM | CVSS 6.5 | 2021-10-19
CVE-2021-37996 [MEDIUM] Stable Channel Update for Desktop: CVE-2021-37996 Stable Channel Update for Desktop CVE-2021-37996: Insufficient validation of untrusted input in Downloads. Reported by Anonymous on 2021-08-24 [$3000][ 1100761 ] Low CVE-2021-37994 : Inappropriate implementation in iFrame Sandbox Reported by David Erceg on 2020-06-30 [$1000][ 1242315 ] Low CVE-2021-37995 : Inappropriate implementation in WebApp Installer Severity: medium
chrome
CVE-2021-37980 | HIGH | CVSS 7.4 | 2021-10-07
CVE-2021-37980 [HIGH] Stable Channel Update for Desktop: CVE-2021-37980 Stable Channel Update for Desktop CVE-2021-37980: Inappropriate implementation in Sandbox. Reported by Yonghwi Jin (@jinmo123) of Theori on 2021-09-30 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel Severity: high
chrome
CVE-2021-37977 | HIGH | CVSS 8.8 | 2021-10-07
CVE-2021-37977 [HIGH] Stable Channel Update for Desktop: CVE-2021-37977 Stable Channel Update for Desktop CVE-2021-37977: Use after free in Garbage Collection. Reported by Anonymous on 2021-09-24 [$7500][ 1236318 ] High CVE-2021-37978 : Heap buffer overflow in Blink Reported by Yangkang (@dnpushme) of 360 ATA on 2021-08-04 [$7500][ 1247260 ] High CVE-2021-37979 : Heap buffer overflow in WebRTC Severity: high
chrome
CVE-2021-37974 | HIGH | CVSS 8.8 | 2021-09-30
CVE-2021-37974 [HIGH] Stable Channel Update for Desktop: CVE-2021-37974 Stable Channel Update for Desktop CVE-2021-37974: Use after free in Safe Browsing. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-09-01 [$TBD][ 1252918 ] High CVE-2021-37975 : Use after free in V8 Reported by Anonymous on 2021-09-24 [$NA][ 1251787 ] Medium CVE-2021-37976 : Information leak in core Severity: high
chrome