Various fixes from internal audits, fuzzing and other initiatives Google is aware of reports that an exploit for CVE-2024-0519 exists in the wild.Īs usual, our ongoing internal security work was responsible for a wide range of fixes:
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
High CVE-2024-0519: Out of bounds memory access in V8. Reported by Ganjiang of ChaMd5-H1 team on High CVE-2024-0518: Type Confusion in V8. Reported by Toan (suto) Pham of Qrious Secure on
High CVE-2024-0517: Out of bounds write in V8. Please see the Chrome Security Page for more information. Below, we highlight fixes that were contributed by external researchers. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed. Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. The Extended Stable channel has been updated to 1.234 for Mac and 1.225 for Windows which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. The Stable channel has been updated to 1.234 for Mac and 1.224 for Linux and 1.224/225 to Windows which will roll out over the coming days/weeks.
