CVE-2024-7969: Multiple vulnerabilities in Google Chrome

Overview:

Multiple vulnerabilities have been reported in Google Chrome, which could allow a remote attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the targeted system.

CVECVE-2024-7969
CVE-2024-8193
CVE-2024-8194
CVE-2024-8198
CVSS v3Highest 8.8
Publish Date21-Aug-2024
Impacted Software<=128.0.6613.113/.114 for Windows
<=128.0.6613.113/.114 for Mac
<=128.0.6613.113 for Linux
Exploit availabilityNO as on post date

Description :

These vulnerabilities exist in Google Chrome due to Type Confusion in V8 and Heap buffer overflow in Skia. A remote attacker could exploit these vulnerabilities by sending a specially crafted request on the targeted system.
Successful exploitation of these vulnerabilities could allow a remote attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the targeted system.

Solution :

Apply appropriate updates as mentioned by the vendor.
https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html

Reference :

https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html


Comments

Leave a Reply

Your email address will not be published. Required fields are marked *