Google has released a security update for its Chrome browser on Android devices, solving seven medium-risk vulnerabilities and paying out a overall of $3,500 in rewards to two researchers.
The update repairs two medium-rated bugs reported by Artem Chaykin for which he obtained a sum of $1,000 in rewards. The first fixes an issue with data and credential disclosure by file:// URLs and the second resolves a problem with current-tab cross-application scripting (UXSS).
Google pushed these updates on the same day that Jon Oberheide of Duo Security published a blog post showing the findings of their X-Ray projects, which revealed that more than half of Android devices contain vulnerabilities that could be exploited by attackers to take complete control of user’s devices.
Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
- [$500] [138210] Medium Information and credential disclosure by file:// URLs. Credit to Artem Chaykin.
- [$500] [138035] Medium Current-tab cross-application scripting (UXSS). Credit to Artem Chaykin.
- [$500] [144813] Medium UXSS via Intent extra data. Credit to Takeshi Terada.
- [$500] [144820] Medium Information and credential disclosure by file:// URLs. Credit to Takeshi Terada.
- [$500] [137532] Medium Android APIs exposed to JavaScript. Credit to Takeshi Terada.
- [$500] [144866] Medium Bypassing same-origin policy for local files with symlinks. Credit to Takeshi Terada.
- [$500] [141889] Medium Cookie theft by malicious local Android app. Credit to Takeshi Terada.
