Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-4558

Опубликовано: 07 мая 2024
Источник: redhat
CVSS3: 7
EPSS Низкий

Описание

Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

There's a flaw in the Angle package where processing maliciously crafted web content may lead to a use-after-free. A remote attacker may leverage that to exploit heap corruption related bugs, such as crashing the application or remote code execution.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 7webkitgtk3Out of support scope
Red Hat Enterprise Linux 7 Extended Lifecycle Supportwebkitgtk4FixedRHSA-2025:1036407.07.2025
Red Hat Enterprise Linux 8webkit2gtk3FixedRHSA-2024:963614.11.2024
Red Hat Enterprise Linux 8.2 Advanced Update Supportwebkit2gtk3FixedRHSA-2024:968014.11.2024
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Supportwebkit2gtk3FixedRHSA-2024:967914.11.2024
Red Hat Enterprise Linux 8.4 Telecommunications Update Servicewebkit2gtk3FixedRHSA-2024:967914.11.2024
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutionswebkit2gtk3FixedRHSA-2024:967914.11.2024
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Supportwebkit2gtk3FixedRHSA-2024:965314.11.2024
Red Hat Enterprise Linux 8.6 Telecommunications Update Servicewebkit2gtk3FixedRHSA-2024:965314.11.2024
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutionswebkit2gtk3FixedRHSA-2024:965314.11.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=2279689chromium-browser: Use after free in ANGLE

EPSS

Процентиль: 85%
0.02579
Низкий

7 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-4558

CVSS3: 9.6
ubuntu
почти 2 года назад

Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

nvd логотип

CVE-2024-4558

CVSS3: 9.6
nvd
почти 2 года назад

Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

msrc логотип

CVE-2024-4558

msrc
почти 2 года назад

Chromium: CVE-2024-4558 Use after free in ANGLE

debian логотип

CVE-2024-4558

CVSS3: 9.6
debian
почти 2 года назад

Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allow ...

github логотип

GHSA-r4j8-j63p-24j8

CVSS3: 7.5
github
почти 2 года назад

Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

EPSS

Процентиль: 85%
0.02579
Низкий

7 High

CVSS3