Описание
Use after free in WebGPU in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
A flaw was found in Chromium (Google Chrome). This vulnerability allows a remote attacker to potentially exploit heap corruption via a crafted HTML (HyperText Markup Language) page due to a use after free in WebGPU (Web Graphics Processing Unit).
Отчет
This vulnerability is rated Important for Red Hat due to a use-after-free flaw in WebGPU within chromium-browser. A remote attacker could exploit heap corruption by enticing a user to visit a crafted HTML page, potentially leading to arbitrary code execution in the context of the browser.
Меры по смягчению последствий
To mitigate this issue, users should avoid visiting untrusted websites or opening untrusted HTML content. Employing a robust web browser sandbox, if available and configured, can further limit the potential impact of successful exploitation.
Дополнительная информация
Статус:
EPSS
8.8 High
CVSS3
Связанные уязвимости
Use after free in WebGPU in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Use after free in WebGPU in Google Chrome prior to 143.0.7499.147 allo ...
Use after free in WebGPU in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Уязвимость компонента WebGPU браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
8.8 High
CVSS3