Alert GCSA-21128 - Vulnerabilita' in Google Chrome

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

******************************************************************

Alert ID: GCSA-21128
Data: 16 Novembre 2021
Titolo: Vulnerabilita' in Google Chrome

******************************************************************


:: Descrizione del problema

Google ha rilasciato una nuova versione del browser Chrome
con la quale risolve vulnerabilita' che potrebbero essere
sfruttate da un attaccante remoto per eseguire codice arbitrario
e oltrepassare restrizioni di sicurezza su sistema target.

Per una descrizione completa delle vulnerabilita'
consultare i link alla sezione "Riferimenti".


:: Software interessato

Google Chrome versioni precedenti alla 96.0.4664.45 per Windows, Mac e
Linux


:: Impatto

Remote Code Execution
Security Restriction Bypass


:: Soluzioni

Aggiornare Google Chrome alla versione indicata.

L'aggiornamento sara' automatico per tutte le installazioni in cui non sia
stata disattivata l'opzione "aggiornamento automatico".

Per l'installazione manuale scaricare il software dal sito ufficiale:
http://www.google.com/chrome/?hl=it


:: Riferimenti

Chrome Releases: Stable Channel Update for Desktop
https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html

Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38011
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38012
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38013
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38014
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38015
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38016
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38017
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38018
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38019
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38020
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38021
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38022



GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----

iD8DBQFhk3zHwZxMk2USYEIRArrTAKDbq5DBw2hlKPORDYs1Ifn10v8BZACgyUIw
lw+Sr6mXBDC/0LcuYtU+xto=
=Scb3
-----END PGP SIGNATURE-----