Описание
Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
A vulnerability was found in the Web Real-Time Communication (WebRTC) component of chromium-browser. This flaw stems from improper memory management when processing web content. A remote attacker can exploit this vulnerability by convincing a user to visit a specially crafted, malicious website. A successful exploitation of this flaw may lead the browser to crash, to present unexpected behavior and remote code execution is not discarded.
Отчет
This vulnerability doesn't affect any supported Red Hat products.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Дополнительная информация
Статус:
EPSS
8.8 High
CVSS3
Связанные уязвимости
Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allo ...
Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
EPSS
8.8 High
CVSS3