Lucene search

PRIOn knowledge basePRION:CVE-2023-5996

HistoryNov 08, 2023 - 8:15 p.m.

Design/Logic Flaw

2023-11-0820:15:00

PRIOn knowledge base

www.prio-n.com

design flaw

logic flaw

use after free

webaudio

google chrome

remote attacker

exploit

heap corruption

crafted html

chromium

high severity

nvd

6.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.1%

JSON

Use after free in WebAudio in Google Chrome prior to 119.0.6045.123 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CPENameOperatorVersion
debian_linuxeq11.0
debian_linuxeq12.0
fedoraeq38
fedoraeq39
chromelt119.0.6045.123

Name	Operator	Version
debian_linux	eq	11.0
debian_linux	eq	12.0
fedora	eq	38
fedora	eq	39
chrome	lt	119.0.6045.123

References

chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop.html

crbug.com/1497859

lists.fedoraproject.org/archives/list/[email protected]/message/2MHLJRFWZNY6BFOW25Q4FEESVWZKS4C2/

lists.fedoraproject.org/archives/list/[email protected]/message/PHWLT3M2AQDFD7RNAM3NJMYUC5KHMO5V/

security.gentoo.org/glsa/202311-11

security.gentoo.org/glsa/202312-07

security.gentoo.org/glsa/202401-34

www.debian.org/security/2023/dsa-5551