CVE-2023-3215
published 2023-06-13CVE-2023-3215: Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page…
PriorityP358high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
13.81%
96.0th percentile
Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chromium | chromium | >= 0 < 114.0.5735.133-1~deb11u1 | 114.0.5735.133-1~deb11u1 |
| chromium | chromium | >= 0 < 114.0.5735.133-1~deb12u1 | 114.0.5735.133-1~deb12u1 |
| chromium | chromium | >= 0 < 114.0.5735.133-1 | 114.0.5735.133-1 |
| chromium | chromium | >= 0 < 114.0.5735.133-1 | 114.0.5735.133-1 |
| debian | chromium | < chromium 114.0.5735.133-1~deb12u1 (bookworm) | chromium 114.0.5735.133-1~deb12u1 (bookworm) |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| fedoraproject | fedora | — | — |
| chrome | < 114.0.5735.133 | 114.0.5735.133 | |
| chrome | >= 114.0.5735.133 < 114.0.5735.133 | 114.0.5735.133 | |
| chrome_chrome | — | — | |
| msrc | cbl2_libtiff_4.5.1-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| msrc | cm1_libtiff_4.5.1-1_on_cbl_mariner_1.0 | — | — |
| msrc | microsoft_edge | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability is triggered via a crafted HTML page delivered remotely, exploiting a use-after-free in the WebRTC component of Google Chrome prior to 114.0.5735.133 ↗
- →Vulnerability was reported on 2023-05-17 by researcher 'asnine'; attribution may help correlate with related PoC or exploit activity ↗
- ·Fixed version for Google Chrome is 114.0.5735.133; any Chrome process reporting a lower version should be treated as vulnerable ↗
- ·Debian packages are fixed in chromium 114.0.5735.133-1~deb12u1 (bookworm) and 114.0.5735.133-1~deb11u1 (bullseye); earlier package versions remain vulnerable ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH
vendor_debian8.8HIGH
vendor_msrc8.8HIGH
vendor_redhat8.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-5rw6-vf4w-p4j3: Use after free in WebRTC in Google Chrome prior to 114
ghsa_unreviewed·2023-06-13
CVE-2023-3215 [HIGH] CWE-416 GHSA-5rw6-vf4w-p4j3: Use after free in WebRTC in Google Chrome prior to 114
Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
OSV
CVE-2023-3215: Use after free in WebRTC in Google Chrome prior to 114
osv·2023-06-13·CVSS 8.8
CVE-2023-3215 [HIGH] CVE-2023-3215: Use after free in WebRTC in Google Chrome prior to 114
Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Red Hat
libtiff: heap-buffer overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c
vendor_redhat·2023-06-14·CVSS 8.8
CVE-2023-25434 [HIGH] CWE-119 libtiff: heap-buffer overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c
libtiff: heap-buffer overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c
libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.
A heap-based buffer overflow vulnerability was found in LibTIFF's tiffcrop utility in the extractContigSamplesBytes() function. This flaw allows an attacker to pass a crafted TIFF image file to the tiffcrop utility, which causes an out-of-bounds read access resulting in an application crash, eventually leading to a denial of service.
Statement: This vulnerability in tiffcrop is classified as moderate severity rather than important because, while it leads to a denial of service (DoS) via a crash, the impact is not critical in terms of system compromise or data loss. The vulnerability, c
Microsoft
Chromium: CVE-2023-3215 Use after free in WebRTC
vendor_msrc·2023-06-13·CVSS 8.8
CVE-2023-3215 [HIGH] Chromium: CVE-2023-3215 Use after free in WebRTC
Chromium: CVE-2023-3215 Use after free in WebRTC
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
Click on Help and Feedback
Click on About Microsoft Edge
FAQ: What
Chrome
Stable Channel Update for Desktop: CVE-2023-3214
vendor_chrome·2023-06-13·CVSS 8.8
CVE-2023-3214 [CRITICAL] Stable Channel Update for Desktop: CVE-2023-3214
Stable Channel Update for Desktop
CVE-2023-3214: Use after free in Autofill payments. Reported by Rong Jian of VRI on 2023-06-01 [$3000][ 1446274 ] High CVE-2023-3215: Use after free in WebRTC
Reported by asnine on 2023-05-17 [$TBD][ 1450114 ] High CVE-2023-3216: Type Confusion in V8
Severity: critical
Microsoft
libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.
vendor_msrc·2023-06-13·CVSS 8.8
CVE-2023-25434 [HIGH] CWE-120 libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.
libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
mitre: mitre
Customer Action Required: Yes
R
Debian
CVE-2023-3215: chromium - Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remo...
vendor_debian·2023·CVSS 8.8
CVE-2023-3215 [HIGH] CVE-2023-3215: chromium - Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remo...
Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 114.0.5735.133-1~deb12u1)
bullseye: resolved (fixed in 114.0.5735.133-1~deb11u1)
forky: resolved (fixed in 114.0.5735.133-1)
sid: resolved (fixed in 114.0.5735.133-1)
trixie: resolved (fixed in 114.0.5735.133-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop_13.htmlhttps://crbug.com/1446274https://lists.fedoraproject.org/archives/list/[email protected]/message/JEH75UOM7FAXDUPC37YHP7ONL2HSDIJR/https://lists.fedoraproject.org/archives/list/[email protected]/message/O362DC3ZCFRXVHOXMPIL73YOWABQEUYD/https://security.gentoo.org/glsa/202311-11https://security.gentoo.org/glsa/202401-34https://www.debian.org/security/2023/dsa-5428https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop_13.htmlhttps://crbug.com/1446274https://lists.fedoraproject.org/archives/list/[email protected]/message/JEH75UOM7FAXDUPC37YHP7ONL2HSDIJR/https://lists.fedoraproject.org/archives/list/[email protected]/message/O362DC3ZCFRXVHOXMPIL73YOWABQEUYD/https://security.gentoo.org/glsa/202311-11https://security.gentoo.org/glsa/202401-34https://www.debian.org/security/2023/dsa-5428
2023-06-13
Published