Chrome OS Security Advisories
The following is a list of security advisory pages published on https://www.chromium.org.
Note that we do not routinely publish information for all fixed vulnerabilities on a dedicated page, just for vulnerabilities where users/customers will benefit from a more in-depth description of the issue and/or where mitigative action by the user is necessary. Thus, the majority of security bug fixes will not be listed here but handled as security bugs in the bugs.chromium.org tracker and the fixes will be rolled out transparently to devices with the Chrome OS auto-update mechanism.
List of advisories in reverse chronological order:
[U2F ECDSA vulnerability](/chromium-os/u2f-ecdsa-vulnerability)
[Microarchitectural Data Sampling on Chrome
OS](/chromium-os/mds-on-chromeos)
[Privilege escalation via unchecked TPM
reset](/chromium-os/unchecked_tpm_reset)
[Lazy FP Restore Vulnerability Status for Chrome
OS](/chromium-os/lazy-fp-restore-vulnerability-status)
[Meltdown/Spectre vulnerability status for Chrome OS
devices](/chromium-os/meltdown-spectre-vulnerability-status)
[Trusted Platform Module firmware
vulnerability](/chromium-os/meltdown-spectre-vulnerability-status)