Multiple security vulnerabilities have been detected in ChromeOS that could allow remote attackers to execute code remotely and access sensitive information in affected installations.
The vulnerabilities include;
- User-After-Free error affecting Google Chrome’s WebTransport component (CVE-2023-0471),
- Use-After-Free error affecting Google Chrome’s WebRTC component (CVE-2023-0472),
- Type Confusion errors affecting Google Chrome’s ServiceWorker API component (CVE-2023-0473), and
- Use-After-Free error affecting Google Chrome’s GuestView component (CVE-2023-0474).
Google has released updated versions to address these vulnerabilities, and it is recommended to apply the updates promptly to avoid being targeted by potential attacks.