cbcvebase.
CVE-2023-3217
published 2023-06-13

CVE-2023-3217: Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page…

PriorityP358high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
13.31%
95.9th percentile
Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Affected

12 ranges
VendorProductVersion rangeFixed in
chromiumchromium>= 0 < 114.0.5735.133-1~deb11u1114.0.5735.133-1~deb11u1
chromiumchromium>= 0 < 114.0.5735.133-1~deb12u1114.0.5735.133-1~deb12u1
chromiumchromium>= 0 < 114.0.5735.133-1114.0.5735.133-1
chromiumchromium>= 0 < 114.0.5735.133-1114.0.5735.133-1
debianchromium< chromium 114.0.5735.133-1~deb12u1 (bookworm)chromium 114.0.5735.133-1~deb12u1 (bookworm)
debiandebian_linux
debiandebian_linux
fedoraprojectfedora
googlechrome< 114.0.5735.133114.0.5735.133
googlechrome>= 114.0.5735.133 < 114.0.5735.133114.0.5735.133
googlechrome_chrome
msrcmicrosoft_edge

Detection & IOCsextracted from sources · hover to see the quote

  • Vulnerability is triggered via a crafted HTML page exploiting a use-after-free in the WebXR component of Chromium-based browsers; monitor for suspicious WebXR API usage in browser telemetry.
  • Attack is remotely initiated and requires no local access; heap corruption exploitation via WebXR suggests monitoring for renderer process crashes or heap spray patterns in Chrome/Edge processes.
  • ·Fixed in Google Chrome 114.0.5735.133; any Chrome installation below this version is vulnerable.
  • ·Debian packages are also affected; fixed versions are available for bookworm, bullseye, forky, sid, and trixie.
  • ·Vulnerability was reported by Sergei Glazunov of Google Project Zero on 2023-06-01, indicating it was discovered by a reputable researcher and may have been under coordinated disclosure.

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH
vendor_debian8.8HIGH
vendor_msrc8.8HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.