Thursday, October 3, 2024
HomeChromeGoogle Chrome use-after-free Vulnerability Leads to Remote Attack

Google Chrome use-after-free Vulnerability Leads to Remote Attack

Published on

Google Chrome has been recently discovered to be a Use-after-free vulnerability that threat actors can exploit to attack users. This vulnerability exists in the Google Chrome VideoEncoder, which can be triggered using a malicious web page.

However, Google Chrome version 113.0.5672.127 (64-bit) and Chromium 115.0.5779.0 (Build) (64-bit) were found to be vulnerable to this bug, which was fixed by Chrome developers in versions 114.0.5735.198 for Mac and Linux and 114.0.5735.198/199 for Windows.

CVE-2023-3421 – Google Chrome use-after-free

Use-after-free is a condition in which the memory allocation is freed, but the program does not clear the pointer to that memory. This is due to incorrect usage of dynamic memory allocation during an operation. 

- Advertisement - EHA

CVE-2023-3421 vulnerability arises due to this use-after-free condition in the VideoEncoder av1_svc_check_reset_layer_rc_flag functionality, which a threat actor can exploit by serving a malicious HTML page which can lead to heap corruption.

The severity for this vulnerability has been given as 8.8 (High).  Furthermore, a proof-of-concept has been released for this vulnerability, which explains the vulnerability and possible exploitation. 

As per the reports, the media::Av1VideoEncoder::ChangeOptions function can be called multiple times by continuously switching the encoder configuration using a Javascript code.

This function executes the SetUpAomConfig function that prepares the configuration for the video encoder. This function is also used to configure the encoder without the scalability mode option set, leading to the SetUpAomConfig function not properly validating the svc_params.number_temporal_layers parameter.

In addition, svc->number_temporal_layers is forced to be set to “zero,” which will give the negative index used to get the svc->layer_context pointer. A complete report has been published by TALOS, providing detailed information about this vulnerability, exploitation, source code, and other information.

Users of Google Chrome 113.0.5672.127 (64-bit) and Google Chrome Chromium 115.0.5779.0 (Build) (64-bit) versions are recommended to upgrade to the latest versions to prevent this vulnerability from getting exploited.

Protect yourself from vulnerabilities using Patch Manager Plus to quickly patch over 850 third-party applications. Take advantage of the free trial to ensure 100% security.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Northern Ireland Police to Pay £750,000 Fine Following Data Breach

The Police Service of Northern Ireland (PSNI) has been ordered to pay a £750,000...

ANY.RUN Upgrades Threat Intelligence to Identify Emerging Threats

ANY.RUN announced an upgrade to its Threat Intelligence Portal, enhancing its capabilities to identify...

Cisco Nexus Vulnerability Let Hackers Execute Arbitrary Commands on Vulnerable Systems

A critical vulnerability has been discovered in Cisco's Nexus Dashboard Fabric Controller (NDFC), potentially...

Hackers Now Exploit Ivanti Endpoint Manager Vulnerability to Launch Cyber Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Northern Ireland Police to Pay £750,000 Fine Following Data Breach

The Police Service of Northern Ireland (PSNI) has been ordered to pay a £750,000...

Cisco Nexus Vulnerability Let Hackers Execute Arbitrary Commands on Vulnerable Systems

A critical vulnerability has been discovered in Cisco's Nexus Dashboard Fabric Controller (NDFC), potentially...

Hackers Now Exploit Ivanti Endpoint Manager Vulnerability to Launch Cyber Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new...