CVE-2024-4761
CVE-2024-4761
In short
A flaw in Google Chrome's V8 engine allows attackers to write data outside intended memory boundaries through a malicious webpage, potentially enabling code execution or system compromise.
Technical detail
Out-of-bounds write vulnerability in V8 (CWE-787) exploitable via crafted HTML; requires user to visit a malicious page; can lead to arbitrary code execution with renderer process privileges. Affects Chrome versions prior to 124.0.6367.207.
Summary generated and translated by AI from the official description.
Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected products
Google · Chromepublic PoCs found — 1
githubgithub.com/michredteam/CVE-2024-4761★ 4⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_13.htmlhttps://issues.chromium.org/issues/339458194https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4761