Google Chrome Security Update (stable-channel-update-for-desktop_9-2024-05) - Linux

2024-05-1000:00:00

plugins.openvas.org

google chrome

linux

use after free

vulnerability

heap corruption

security update

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

9.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.2%

JSON

Google Chrome is prone to an use after free
vulnerability.

# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:google:chrome";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.832974");
  script_version("2024-05-17T05:05:27+0000");
  script_cve_id("CVE-2024-4671");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2024-05-17 05:05:27 +0000 (Fri, 17 May 2024)");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2024-05-16 20:27:10 +0000 (Thu, 16 May 2024)");
  script_tag(name:"creation_date", value:"2024-05-10 11:15:09 +0530 (Fri, 10 May 2024)");
  script_name("Google Chrome Security Update (stable-channel-update-for-desktop_9-2024-05) - Linux");

  script_tag(name:"summary", value:"Google Chrome is prone to an use after free
  vulnerability.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present
  on the target host.");

  script_tag(name:"insight", value:"The flaw exists due to an use after free
  error exists in the visuals.");

  script_tag(name: "impact" , value:"Successful exploitation allows an attacker
  to potentially exploit heap corruption via a crafted HTML page.");

  script_tag(name: "affected" , value:"Google Chrome prior to version
  124.0.6367.201 on Linux");

  script_tag(name: "solution", value:"Update to version 124.0.6367.201 or
  later.");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"executable_version");
  script_xref(name:"URL", value:"https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2024 Greenbone AG");
  script_family("General");
  script_dependencies("gb_google_chrome_detect_lin.nasl");
  script_mandatory_keys("Google-Chrome/Linux/Ver");
  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))
  exit(0);

vers = infos["version"];
path = infos["location"];

if(version_is_less(version:vers, test_version:"124.0.6367.201")) {
  report = report_fixed_ver(installed_version:vers, fixed_version:"124.0.6367.201", install_path:path);
  security_message(port:0, data:report);
  exit(0);
}

exit(99);