Google patches 11 vulnerabilities in new Chrome, awards $2000 to researcher

Google Chrome 5.0.375.70 has been released to the Stable channel on Linux, Mac, and Windows, and fixes the following security issues:

  • [15766] Cross-origin keystroke redirection
  • [39985] Cross-origin bypass in DOM methods
  • [42723] Memory error in table layout
  • [Linux only] [43304] Linux sandbox escape
  • [43307] Bitmap stale pointer
  • [43315] Memory corruption in DOM node normalization
  • [43487] Memory corruption in text transforms
  • [43902] XSS in innerHTML property of textarea
  • [44740] Memory corruption in font handling.
  • [44868] Geolocation events fire after document deletion
  • [44955] Memory corruption in rendering of list markers.

Most of the vulnerabilities have been discovered by members of the Google Chrome Security Team. Two have been discovered by Apple, since both Chrome and Apple’s Safari are WebKit based – and Apple has uncovered and patched a massive amount of those recently.

Since Google has introduced a bounty program this January, the biggest reward for the discovery of a vulnerability has been $1,337 – for extremely critical flaws. This time around, the discovery of the cross-origin bypass in DOM methods by Sergey Glazunov has earned him $2000, but there’s no mention of the reason for this unusually high reward.