Google Chrome announced an update to patch an out of bounds memory access vulnerability affecting desktop versions that could allow denial-of-service conditions if exploited.
The patch for CVE-2016-5198 included a Stable Channel update to 54.0.2840.87 for Windows, Mac, and 54.0.2840.90 for Linux and was discovered by Tencent Keen Security Lab, working with Trend Micro’s Zero Day Initiative, according to a Nov. 1 advisory.
“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Google Chrome researcher Richard Bustamante said in the advisory. “We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”
Additional changes will be documented in Google’s log.