Heap Corruption Vulnerability in User Education Feature of Google Chrome
CVE-2024-6998

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 6 August 2024

What is CVE-2024-6998?

The vulnerability in the User Education feature of Google Chrome arises from a use-after-free condition that can lead to heap corruption. This issue affects versions released before 127.0.6533.72. A remote attacker may exploit this by enticing a user to perform specific UI gestures on a specially crafted HTML page. If successful, this could result in unintended behavior or crashes, posing potential security risks for affected users. It is crucial for Google Chrome users to update to the latest version to mitigate these vulnerabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://chromereleases.googleblog.com/2024/07/stable-chan...

https://issues.chromium.org/issues/340098902

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Aug 6, 2024

JSON

Google

What is CVE-2024-6998?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.