CVE-2023-2936
published 2023-05-30CVE-2023-2936: Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page…
PriorityP262high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
23.02%
97.5th percentile
Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chromium | chromium | >= 0 < 114.0.5735.90-2~deb11u1 | 114.0.5735.90-2~deb11u1 |
| chromium | chromium | >= 0 < 114.0.5735.90-2~deb12u1 | 114.0.5735.90-2~deb12u1 |
| chromium | chromium | >= 0 < 114.0.5735.90-1 | 114.0.5735.90-1 |
| chromium | chromium | >= 0 < 114.0.5735.90-1 | 114.0.5735.90-1 |
| debian | chromium | < chromium 114.0.5735.90-2~deb12u1 (bookworm) | chromium 114.0.5735.90-2~deb12u1 (bookworm) |
| chrome | < 114.0.5735.90 | 114.0.5735.90 | |
| chrome | >= 114.0.5735.90 < 114.0.5735.90 | 114.0.5735.90 | |
| chrome_chrome | — | — | |
| msrc | microsoft_edge | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →CVE-2023-2936 is a Type Confusion vulnerability in the V8 JavaScript engine of Google Chrome. Exploitation requires a crafted HTML page delivered to the victim, enabling heap corruption via a remote attacker. ↗
- →The vulnerability was reported under Chromium bug tracker ID 1443452, which can be used to track related proof-of-concept or exploit code references. ↗
- →CVE-2023-2936 was reported by Sergei Glazunov of Google Project Zero on 2023-04-27, indicating a high-severity, researcher-discovered V8 type confusion bug. ↗
- ·Vulnerable versions of Google Chrome are all releases prior to 114.0.5735.90. Microsoft Edge (Chromium-based) versions prior to 114.0.1823.37 (released 6/2/2023, based on Chromium 114.0.5735.90/91) are also affected. ↗
- ·Debian distributions (bookworm, bullseye, forky, sid, trixie) have all resolved this CVE in Chromium package version 114.0.5735.90-1 or 114.0.5735.90-2~debXXuX. ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH
vendor_debian8.8HIGH
vendor_msrc8.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-x723-3x32-qg44: Type Confusion in V8 in Google Chrome prior to 114
ghsa_unreviewed·2023-05-31
CVE-2023-2936 [HIGH] CWE-843 GHSA-x723-3x32-qg44: Type Confusion in V8 in Google Chrome prior to 114
Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
OSV
CVE-2023-2936: Type Confusion in V8 in Google Chrome prior to 114
osv·2023-05-30·CVSS 8.8
CVE-2023-2936 [HIGH] CVE-2023-2936: Type Confusion in V8 in Google Chrome prior to 114
Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Microsoft
Chromium: CVE-2023-2936 Type Confusion in V8
vendor_msrc·2023-06-13·CVSS 8.8
CVE-2023-2936 [HIGH] Chromium: CVE-2023-2936 Type Confusion in V8
Chromium: CVE-2023-2936 Type Confusion in V8
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
114.0.1823.37
6/2/2023
114.0.5735.90/91
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your
Chrome
Stable Channel Update for Desktop: CVE-2023-2934
vendor_chrome·2023-05-30·CVSS 8.8
CVE-2023-2934 [HIGH] Stable Channel Update for Desktop: CVE-2023-2934
Stable Channel Update for Desktop
CVE-2023-2934: Out of bounds memory access in Mojo. Reported by Mark Brand of Google Project Zero on 2023-04-01 [$NA][ 1440695 ] High CVE-2023-2935: Type Confusion in V8
Reported by Sergei Glazunov of Google Project Zero on 2023-04-27 [$NA][ 1443452 ] High CVE-2023-2936: Type Confusion in V8
Severity: high
Debian
CVE-2023-2936: chromium - Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote at...
vendor_debian·2023·CVSS 8.8
CVE-2023-2936 [HIGH] CVE-2023-2936: chromium - Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote at...
Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 114.0.5735.90-2~deb12u1)
bullseye: resolved (fixed in 114.0.5735.90-2~deb11u1)
forky: resolved (fixed in 114.0.5735.90-1)
sid: resolved (fixed in 114.0.5735.90-1)
trixie: resolved (fixed in 114.0.5735.90-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/173197/Chrome-V8-Type-Confusion.htmlhttps://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_30.htmlhttps://crbug.com/1443452https://security.gentoo.org/glsa/202311-11https://security.gentoo.org/glsa/202401-34https://www.debian.org/security/2023/dsa-5418http://packetstormsecurity.com/files/173197/Chrome-V8-Type-Confusion.htmlhttps://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_30.htmlhttps://crbug.com/1443452https://security.gentoo.org/glsa/202311-11https://security.gentoo.org/glsa/202401-34https://www.debian.org/security/2023/dsa-5418
2023-05-30
Published