Heap Corruption Vulnerability in ANGLE Prior to 123.0.6312.86 Allows Remote Attack
CVE-2024-2883

8.8 HIGH

Key Information:

Vendor
Google
Status
Vendor
CVE Published: 26 March 2024

Badges

👾 Exploit Exists
📰 News Worthy

Summary

The reported CVE-2024-2883 is a critical flaw in Google Chrome prior to version 123.0.6312.86, allowing potential exploitation of heap corruption through a crafted HTML page. This vulnerability could lead to remote attacks, with the severity rated as critical by Chromium security. The update to Chrome version 123.0.6312.86/.87 addresses a total of seven security vulnerabilities, including four rated as “High” and one “Critical” flaw. The critical vulnerability was discovered by Cassidy Kim and earned them a $10,000 reward from Google. The update highlights the importance of timely patching and the role of security researchers in keeping users safe. This flaw has not been exploited by ransomware groups.

Affected Version(s)

Chrome prior to 123.0.6312.86

News Articles

Threat Bulletin – CVE-2024-2883

Stay informed on CVE-2024-2883, a critical vulnerability in Google Chrome and Microsoft Edge, with insights and mitigation strategies.

9 months ago

Fedora 39: chromium 2024-0bb0e8f2a0 | LinuxSecurity.com

Fedora Update Notification FEDORA-2024-0bb0e8f2a0 2024-03-29 01:07:30.704833 Name: chromium Product:

9 months ago

CVSS V3.1

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Timeline

  • 👾 Exploit known to exist

  • 📰 First article discovered by securityonline.info

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD Database, Mitre Database, Google Feed, 9 News Article(s)