VDB
CVE-2023-5996
CVE-2023-5996
PUBLISHED
CVSS 9.300000190734863 CRITICAL
In der WebAudio-Komponente von Google Chrome besteht eine Schwachstelle aufgrund eines Use-after-free-Problems, das derzeit noch nicht im Detail beschrieben und veröffentlicht wurde. Ein Angreifer kann diese Schwachstelle ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
EPSS 0.57% · 69.0th percentile
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.57%
69.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian | Debian Linux | |
| Fedora | Fedora Linux | |
| Gentoo | Gentoo Linux |
Exploit Intelligence
- https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop.html (circl)
- https://crbug.com/1497859 (circl)
- https://www.debian.org/security/2023/dsa-5551 (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MHLJRFWZNY6BFOW25Q4FEESVWZKS4C2/ (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PHWLT3M2AQDFD7RNAM3NJMYUC5KHMO5V/ (circl)
- https://security.gentoo.org/glsa/202311-11 (circl)
- https://security.gentoo.org/glsa/202312-07 (circl)
- https://security.gentoo.org/glsa/202401-34 (circl)
Timeline
- Jan 21, 1970 Distribution Patch
- Jan 21, 1970 Security Advisory
- Jan 21, 1970 Security Advisory
- Jan 21, 1970 Security Advisory
- Jan 21, 1970 Security Advisory
- Nov 7, 2023 CVE Published
- Nov 9, 2023 EPSS Score
- Dec 9, 2023 EPSS Score
- Jan 31, 2024 CVE Updated
- Feb 8, 2024 EPSS Score
- Mar 10, 2024 EPSS Score
- May 9, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2875.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2875 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-eca2daf875 advisory
- https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#november-9-2023 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2851.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2851 advisory
- https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop.html advisory
- https://lists.debian.org/debian-security-announce/2023/msg00247.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-f83b5e84d3 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-f535d91d21 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-e296b98814 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-f29e9560a1 advisory
- https://security.gentoo.org/glsa/202311-11 advisory
- https://security.gentoo.org/glsa/202401-34 advisory