Heap Buffer Overflow in ANGLE in Google Chrome Prior to 120.0.6099.199
CVE-2024-0223

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 4 January 2024

Badges

📰 News Worthy

Summary

A heap buffer overflow vulnerability exists within the ANGLE component of Google Chrome, specifically affecting versions prior to 120.0.6099.199. This flaw can allow a remote attacker to potentially exploit heap corruption by delivering a specially crafted HTML page. Such exploitation can lead to unauthorized actions or code execution within the affected browser environment. Users are highly advised to update their Google Chrome installations to the latest version to mitigate this risk.

Affected Version(s)

Chrome 120.0.6099.199

News Articles

GBHackers

CVE-2024-0222 CVE-2024-0223

Google Chrome Use After Free Flaw Let Attacker Hijack Browser

The latest stable channel update for Google Chrome, version 120.0.6099.199 for Mac and Linux and 120.0.6099.199/200 for Windows.

5 months ago

References

https://chromereleases.googleblog.com/2024/01/stable-chan...

https://crbug.com/1505009

https://lists.fedoraproject.org/archives/list/package-ann...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

📰
First article discovered by GBHackers
Sep 2, 2024
Vulnerability published
Jan 4, 2024
Vulnerability Reserved
Jan 3, 2024

Key Information:

Badges

Summary

Affected Version(s)

Get notified when SecurityVulnerability.io launches alerting 🔔

News Articles

Google Chrome Use After Free Flaw Let Attacker Hijack Browser

References

CVSS V3.1

Timeline