Heap Corruption Vulnerability in ANGLE Prior to 123.0.6312.86 Allows Remote Attack
Key Information
- Vendor
- Status
- Chrome
- Vendor
- CVE Published:
- 26 March 2024
Badges
Summary
The reported CVE-2024-2883 is a critical flaw in Google Chrome prior to version 123.0.6312.86, allowing potential exploitation of heap corruption through a crafted HTML page. This vulnerability could lead to remote attacks, with the severity rated as critical by Chromium security. The update to Chrome version 123.0.6312.86/.87 addresses a total of seven security vulnerabilities, including four rated as “High” and one “Critical” flaw. The critical vulnerability was discovered by Cassidy Kim and earned them a $10,000 reward from Google. The update highlights the importance of timely patching and the role of security researchers in keeping users safe. This flaw has not been exploited by ransomware groups.
Affected Version(s)
Chrome < 123.0.6312.86
News Articles
Morphisec CVE-2024-2883Threat Bulletin – CVE-2024-2883
Stay informed on CVE-2024-2883, a critical vulnerability in Google Chrome and Microsoft Edge, with insights and mitigation strategies.
6 months ago
Linux Security CVE-2024-2883CVE-2024-2885Fedora 39: chromium 2024-0bb0e8f2a0 | LinuxSecurity.com
Fedora Update Notification FEDORA-2024-0bb0e8f2a0 2024-03-29 01:07:30.704833 Name: chromium Product:
6 months ago
Linux Security CVE-2024-2883CVE-2024-2885Fedora 39: chromium 2024-0bb0e8f2a0 | LinuxSecurity.com
Fedora Update Notification FEDORA-2024-0bb0e8f2a0 2024-03-29 01:07:30.704833 Name: chromium Product:
6 months ago
Timeline
- đź‘ľ
Exploit exists.
First article discovered by securityonline.info
Vulnerability Reserved.
Vulnerability published.