In accordance with our coordinated disclosure policy, Cisco Talos worked with Google to ensure that these issues are resolved and that an update is available for affected customers. Google initially fixed this vulnerability in March and merged it in April. However, the company just publicly disclosed it on June 26, per its vulnerability disclosure policies.
Google V8 Array.prototype memory corruption vulnerability (TALOS-2019-0791/CVE-2019-5831)
Read the complete vulnerability advisory here for additional information.
Talos tested and confirmed that Google V8, version 7.3.492.17 is affected by these vulnerabilities.
The following SNORTⓇ rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.
Snort Rules: 49442, 49443