Information for
Multiple Vulnerabilities in Google Chrome
Components Affected
- Google Chrome prior to 120.0.6099.224 (Linux)
- Google Chrome prior to 120.0.6099.234 (Mac)
- Google Chrome prior to 120.0.6099.224/225 (Windows)
Overview
Multiple vulnerabilities were identified in Google Chrome. Where a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and sensitive information disclosure on the targeted system.
Description
Multiple vulnerabilities have been discovered in Google Chrome and an actively exploited zero-day vulnerability tracked by CVE-2024-0519. Details of these severe vulnerabilities are as follows:
- CVE-2024-0517: Out of bounds write in V8.
- CVE-2024-0518: Type Confusion in V8.
- CVE-2024-0519: Out-of-bounds memory access in the V8 JavaScript and WebAssembly engine, which can be weaponized by threat actors to trigger a crash.
Impact
- Remote Code Execution
- Denial of Service
- Information Disclosure
Solution/ Workarounds
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
- Google Chrome prior to 120.0.6099.224 (Linux)
- Google Chrome prior to 120.0.6099.234 (Mac)
- Google Chrome prior to 120.0.6099.224/225 (Windows)
Reference
Disclaimer
The information provided herein is on an “as is” basis, without warranty of any kind.
Connect with us
-
The decision we make today on cyber security will determine the security of the society in which we live tomorrow.
Total Users : 206086
© Sri Lanka CERT|CC 2024. All rights Reserved.
Designed and Developed by Procons Infotech
Skip to content
Designed and Developed by Procons Infotech