Heap Buffer Overflow in ANGLE in Google Chrome Prior to 120.0.6099.199

CVE-2024-0223

8.8HIGH

Key Information

Vendor
Google
Status
Chrome
Vendor
CVE Published:
4 January 2024

Badges

đź“° News Worthy

Summary

Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Affected Version(s)

Chrome < 120.0.6099.199

News Articles

favicon imageGBHackers

Google Chrome Use After Free Flaw Let Attacker Hijack Browser

The latest stable channel update for Google Chrome, version 120.0.6099.199 for Mac and Linux and 120.0.6099.199/200 for Windows.

4 months ago

Refferences

https://chromereleases.googleblog.com/2024/01/stable-chan...
https://crbug.com/1505009
https://lists.fedoraproject.org/archives/list/package-ann...
https://lists.fedoraproject.org/archives/list/package-ann...
https://security.gentoo.org/glsa/202401-34

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • First article discovered by GBHackers

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre DatabaseGoogle Feed1 News Article(s)
.