The Stable channel is being updated to OS version: 16033.43.0 Browser version: 130.0.6723.84 for most ChromeOS devices.

If you find new issues, please let us know one of the following ways

  1. File a bug
  2. Visit our ChromeOS communities
    1. General: Chromebook Help Community
    2. Beta Specific: ChromeOS Beta Help Community
  3. Report an issue or send feedback on Chrome

Interested in switching channels? Find out how.


Security Fixes and Rewards

ChromeOS Vulnerability Rewards Program Reported Bug Fixes:

N/A

Other 3rd Party Security Fixes Included:

High Fixes CVE-2024-7006 in libtiff

Medium Fixes CVE-2024-47076 CVE-2024-47175 CVE-2024-47176 CVE-2024-47177 in CUPS

Android Security fixes can be found here


Chrome Browser Security Fixes:

[$4000.0] [368672129] MEDIUM CVE-2024-9959: Use after free in DevTools. Reported by Sakana.S on 2024-09-21

[$36000.0] [367755363] HIGH CVE-2024-9954:Use after free in AI. Reported by DarkNavy on 2024-09-18

[$TBD] [367734947] HIGH CVE- DCHECK failure in base_.kind() == JAVA_SCRIPT in frames.h on 2024-09-17

[$TBD] [366635354] HIGH CVE- V8 correctness failure in sources: 1e - Missing TypeError in inlined js-to-wasm wrapper for ref extern on 2024-09-14

[$1000.0]  [364773822] LOW CVE-2024-9966  Inappropriate implementation in Navigations. Reported by Harry Chen on 2024-09-05

[TBD][375123371] CRITICAL CVE-2024-10487: Out of bounds write in Dawn. Reported by Apple Security Engineering and Architecture (SEAR) on 2024-10-23
[TBD][374310077] HIGH CVE-2024-10488: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2024-10-18
[TBD][371011220] HIGH CVE-2024-10229: Inappropriate implementation in Extensions. Reported by Vsevolod Kokorin (Slonser) of Solidlab on 2024-10-02

[TBD][371565065] HIGH CVE-2024-10230: Type Confusion in V8. Reported by Seunghyun Lee (@0x10n) on 2024-10-05

[TBD][372269618] HIGH CVE-2024-10231: Type Confusion in V8. Reported by Seunghyun Lee (@0x10n) on 2024-10-09

[$1000.0] [364508693] MEDIUM CVE-2024-9962 : Inappropriate implementation in Permissions. Reported by Shaheen Fazim on 2024-09-04

[$3000.0] [361711121] LOW CVE-2024-9964  : Inappropriate implementation in Payments. Reported by Hafiizh on 2024-08-23

[$2000.0] [354748063] MEDIUM CVE-2024-9960: Use after free in Dawn. Reported by Anonymous on 2024-07-23

[$TBD] [328278718] MEDIUM CVE-2024-9963 : Insufficient data validation in Downloads. Reported by st4nly0n on 2024-03-06

[$5000.0] [40076120] MEDIUM CVE-2024-9958 Inappropriate implementation in PictureInPicture. Reported by Lyra Rebane (rebane2001) on 2023-11-02


Giuliana Pritchard

Google ChromeOS