Описание
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| chromium | fixed | 117.0.5938.62-1 | package | |
| chromium | end-of-life | buster | package | |
| firefox | fixed | 117.0.1-1 | package | |
| firefox-esr | fixed | 115.2.1esr-1 | package | |
| thunderbird | fixed | 1:115.2.2-1 | package | |
| libwebp | fixed | 1.2.4-0.3 | package |
Примечания
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html
src:chromium builds against the system libwebp library
Fixed by: https://chromium.googlesource.com/webm/libwebp.git/+/902bc9190331343b2017211debcec8d2ab87e17a%5E%21/
Followup: https://chromium.googlesource.com/webm/libwebp.git/+/95ea5226c870449522240ccff26f0b006037c520%5E%21/#F0
https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/#CVE-2023-4863
https://blog.isosceles.com/the-webp-0day/
https://www.darknavy.org/blog/exploiting_the_libwebp_vulnerability_part_1/
https://www.darknavy.org/blog/exploiting_the_libwebp_vulnerability_part_2/
EPSS
Связанные уязвимости
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
EPSS