Heap Buffer Overflow in ANGLE in Google Chrome Prior to 120.0.6099.199
CVE-2024-0223

8.8HIGH

Key Information:

Vendor

Google
Status
Chrome
Vendor
CVE Published:
4 January 2024

Badges

๐Ÿ“ฐ News Worthy

What is CVE-2024-0223?

A heap buffer overflow vulnerability exists within the ANGLE component of Google Chrome, specifically affecting versions prior to 120.0.6099.199. This flaw can allow a remote attacker to potentially exploit heap corruption by delivering a specially crafted HTML page. Such exploitation can lead to unauthorized actions or code execution within the affected browser environment. Users are highly advised to update their Google Chrome installations to the latest version to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Chrome 120.0.6099.199

News Articles

favicon imageGBHackers

Google Chrome Use After Free Flaw Let Attacker Hijack Browser

The latest stable channel update for Google Chrome, version 120.0.6099.199 for Mac and Linux and 120.0.6099.199/200 for Windows.

References

https://chromereleases.googleblog.com/2024/01/stable-chan...
https://crbug.com/1505009
https://lists.fedoraproject.org/archives/list/package-ann...

EPSS Score

9% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • ๐Ÿ“ฐ

    First article discovered by GBHackers

  • Vulnerability published

  • Vulnerability Reserved

JSON
.