CVE-2024-0224 — Vulnetix

CVE-2024-0224 PUBLISHED

Es bestehen mehrere Schwachstellen in Google Chrome und Microsoft Edge. Diese Fehler bestehen in den ANGLE-, WebAudio- und WebGPU-Komponenten aufgrund von Use-after-free-Fehlern und eines Heap-basierten Pufferüberlaufs. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausführung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.

EPSS 0.45% · 63.8th percentile

Risk Scores

EPSS Score

0.45%

63.8th percentile

Affected Products

Vendor	Product	Versions
IGEL	IGEL OS < 11.09.210
IGEL	IGEL OS < 120.0.6099.216
Fedora	Fedora Linux
Gentoo	Gentoo Linux
Debian	Debian Linux

Timeline

Jan 3, 2024 CVE Published
Jan 18, 2024 EPSS Score
Feb 15, 2024 EPSS Score
Feb 18, 2024 CVE Updated
Mar 14, 2024 EPSS Score
Apr 10, 2024 EPSS Score
May 8, 2024 EPSS Score
Jul 3, 2024 EPSS Score
Jul 31, 2024 EPSS Score
Sep 1, 2024 EPSS Score
Sep 28, 2024 EPSS Score
Oct 26, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0010.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0010 advisory
https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop.html advisory
https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security advisory
https://lists.debian.org/debian-security-announce/2024/msg00002.html advisory
https://bodhi.fedoraproject.org/updates/FEDORA-2024-210776b8c7 advisory
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-148b296f8a advisory
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-650d6143b5 advisory
https://bodhi.fedoraproject.org/updates/FEDORA-2024-a6c2300bca advisory
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-39ec948d57 advisory
https://kb.igel.com/securitysafety/en/isn-2024-01-chromium-vulnerabilities-112723402.html advisory
https://security.gentoo.org/glsa/202401-34 advisory
https://security.gentoo.org/glsa/202402-14 advisory

Open in Interactive Console →