Heap Corruption Vulnerability in Google Chrome on Android
CVE-2024-10826

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 6 November 2024

🔔 Create Google Vulnerability Alert

Badges

👾 Exploit Exists📰 News Worthy

What is CVE-2024-10826?

A use after free vulnerability exists in the Family Experiences component of Google Chrome for Android prior to version 130.0.6723.116. This vulnerability may enable a remote attacker to exploit heap corruption through a specially crafted HTML page. Attackers can leverage this flaw to compromise system integrity and potentially execute unauthorized actions. It is crucial for users to update their browser to the latest version to protect against this vulnerability.

News Articles

The Cyber Express

CVE-2024-10826 CVE-2024-10827

Cert-In Reports Vulnerabilities In Google Chrome

CERT-In reports critical vulnerabilities in Google Chrome that could lead to code execution, data theft, and system crashes.

thmubnail image

References

https://chromereleases.googleblog.com/2024/11/stable-chan...

https://issues.chromium.org/issues/370217726

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Nov 12, 2024
📰
First article discovered by The Cyber Express
Nov 12, 2024
Vulnerability published
Nov 6, 2024

.

CVE-2024-10826 : Heap Corruption Vulnerability in Google Chrome on Android