VDB
CVE-2024-0223
CVE-2024-0223
PUBLISHED
Es bestehen mehrere Schwachstellen in Google Chrome und Microsoft Edge. Diese Fehler bestehen in den ANGLE-, WebAudio- und WebGPU-Komponenten aufgrund von Use-after-free-Fehlern und eines Heap-basierten Pufferüberlaufs. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausführung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
EPSS 9.62% · 93.0th percentile
Risk Scores
EPSS Score
9.62%
93.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IGEL | IGEL OS < 120.0.6099.216 | |
| IGEL | IGEL OS < 11.09.210 | |
| Fedora | Fedora Linux | |
| Debian | Debian Linux | |
| Gentoo | Gentoo Linux |
Exploit Intelligence
- https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop.html (circl)
- https://crbug.com/1505009 (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D6C2HN4T2S6GYNTAUXLH45LQZHK7QPHP/ (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYONA2XSNFMXLAW4IHLFI5UVV3QRNG5K/ (circl)
- https://security.gentoo.org/glsa/202401-34 (circl)
Timeline
- Jan 3, 2024 CVE Published
- Jan 18, 2024 EPSS Score
- Feb 15, 2024 EPSS Score
- Feb 18, 2024 CVE Updated
- Apr 11, 2024 EPSS Score
- May 8, 2024 EPSS Score
- Jul 3, 2024 EPSS Score
- Jul 31, 2024 EPSS Score
- Sep 1, 2024 EPSS Score
- Oct 27, 2024 EPSS Score
- Nov 23, 2024 EPSS Score
- Dec 22, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0010.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0010 advisory
- https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop.html advisory
- https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security advisory
- https://lists.debian.org/debian-security-announce/2024/msg00002.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-210776b8c7 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-148b296f8a advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-650d6143b5 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-a6c2300bca advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-39ec948d57 advisory
- https://kb.igel.com/securitysafety/en/isn-2024-01-chromium-vulnerabilities-112723402.html advisory
- https://security.gentoo.org/glsa/202401-34 advisory
- https://security.gentoo.org/glsa/202402-14 advisory