CVE-2024-3176

2024-07-1623:15:24

Debian Security Bug Tracker

security-tracker.debian.org

swiftshader

google chrome

out of bounds write

remote attacker

memory write

crafted html page

chromium security severity

high

cve-2024-3176

unix

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

26.7%

JSON

Out of bounds write in SwiftShader in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

OSVersionArchitecturePackageVersionFilename
Debian12allchromium< 117.0.5938.62-1~deb12u1chromium_117.0.5938.62-1~deb12u1_all.deb
Debian11allchromium< 117.0.5938.62-1~deb11u1chromium_117.0.5938.62-1~deb11u1_all.deb
Debian999allchromium< 117.0.5938.62-1chromium_117.0.5938.62-1_all.deb
Debian13allchromium< 117.0.5938.62-1chromium_117.0.5938.62-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	chromium	< 117.0.5938.62-1~deb12u1	chromium_117.0.5938.62-1~deb12u1_all.deb
Debian	11	all	chromium	< 117.0.5938.62-1~deb11u1	chromium_117.0.5938.62-1~deb11u1_all.deb
Debian	999	all	chromium	< 117.0.5938.62-1	chromium_117.0.5938.62-1_all.deb
Debian	13	all	chromium	< 117.0.5938.62-1	chromium_117.0.5938.62-1_all.deb