Heap Corruption Vulnerability in Google Chrome Prior to 123.0.6312.86
CVE-2024-2885

8.8HIGH

Key Information:

Vendor

Google
Status
Chrome
Vendor
CVE Published:
26 March 2024

Badges

đź“° News Worthy

What is CVE-2024-2885?

A vulnerability exists in the Dawn component of Google Chrome that stems from a use after free condition. This flaw can be exploited by a remote attacker to corrupt the heap by providing a specially crafted HTML page. The issue affects versions of Google Chrome prior to 123.0.6312.86, making it critical for users to update to maintain security and protect against potential heap corruption attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Chrome 123.0.6312.86

News Articles

favicon imageLinux Security

Fedora 39: chromium 2024-0bb0e8f2a0 | LinuxSecurity.com

Fedora Update Notification FEDORA-2024-0bb0e8f2a0 2024-03-29 01:07:30.704833 Name: chromium Product:

favicon imageLinux Security

Fedora 39: chromium 2024-0bb0e8f2a0 | LinuxSecurity.com

Fedora Update Notification FEDORA-2024-0bb0e8f2a0 2024-03-29 01:07:30.704833 Name: chromium Product:

favicon imageLinux Security

Fedora 38: chromium 2024-b4dab205d7 | LinuxSecurity.com

Fedora Update Notification FEDORA-2024-b4dab205d7 2024-03-29 02:39:36.209178 Name: chromium Product:

References

https://chromereleases.googleblog.com/2024/03/stable-chan...
https://issues.chromium.org/issues/328958020
https://lists.fedoraproject.org/archives/list/package-ann...

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • đź“°

    First article discovered by Hackhunting

  • Vulnerability published

  • Vulnerability Reserved

JSON
.