CVE-2017-5122 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Google Chrome

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents5 sources

Severity

8.8HIGHNVD

EPSS

1.5%

top 18.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Chrome Debian Linux

Timeline

PublishedOct 27

Latest updateMay 17

Description

Inappropriate use of table size handling in V8 in Google Chrome prior to 61.0.3163.100 for Windows allowed a remote attacker to trigger out-of-bounds access via a crafted HTML page.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

▶NVDgoogle/chrome< 61.0.3163.100

Also affects: Debian Linux 9.0

🔴Vulnerability Details

GHSA

GHSA-99qc-wpw5-vp52: Inappropriate use of table size handling in V8 in Google Chrome prior to 61↗2022-05-17

▶

OSV

CVE-2017-5122: Inappropriate use of table size handling in V8 in Google Chrome prior to 61↗2017-10-27

▶

📋Vendor Advisories

Red Hat

chromium-browser: out-of-bounds access in v8↗2017-09-21

▶

💬Community

Bugzilla

CVE-2017-5121 CVE-2017-5122 chromium: various flaws [fedora-all]↗2017-09-22

▶

Bugzilla

CVE-2017-5122 chromium-browser: out-of-bounds access in v8↗2017-09-22

▶