CVE-2023-6112
published 2023-11-15CVE-2023-6112: Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page…
PriorityP264high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
30.34%
98.0th percentile
Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chromium | chromium | >= 0 < 119.0.6045.159-1~deb11u1 | 119.0.6045.159-1~deb11u1 |
| chromium | chromium | >= 0 < 119.0.6045.159-1~deb12u1 | 119.0.6045.159-1~deb12u1 |
| chromium | chromium | >= 0 < 119.0.6045.159-1 | 119.0.6045.159-1 |
| chromium | chromium | >= 0 < 119.0.6045.159-1 | 119.0.6045.159-1 |
| debian | chromium | < chromium 119.0.6045.159-1~deb12u1 (bookworm) | chromium 119.0.6045.159-1~deb12u1 (bookworm) |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| chrome | < 119.0.6045.159 | 119.0.6045.159 | |
| chrome | >= 119.0.6045.159 < 119.0.6045.159 | 119.0.6045.159 | |
| msrc | microsoft_edge | — | — |
| msrc | microsoft_edge_extended_stable | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability is triggered via a crafted HTML page delivered remotely; monitor for exploitation of Chrome/Edge Navigation component (use-after-free, heap corruption) in versions prior to 119.0.6045.159 ↗
- ·Google Chrome versions prior to 119.0.6045.159 are vulnerable; upgrade to 119.0.6045.159 or later to remediate ↗
- ·Microsoft Edge (Chromium-based) is also affected; the fixed version is Edge Stable 119.0.2151.72 (based on Chromium 119.0.6045.159/.160), released 11/16/2023 ↗
- ·Debian packages are fixed in chromium 119.0.6045.159-1~deb12u1 (bookworm), 119.0.6045.159-1~deb11u1 (bullseye), and 119.0.6045.159-1 (sid/trixie/forky) ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH
vendor_debian8.8HIGH
vendor_msrc8.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
CVE-2023-6112: Use after free in Navigation in Google Chrome prior to 119
osv·2023-11-15·CVSS 8.8
CVE-2023-6112 [HIGH] CVE-2023-6112: Use after free in Navigation in Google Chrome prior to 119
Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
GHSA
GHSA-35r7-vh9q-xpf7: Use after free in Navigation in Google Chrome prior to 119
ghsa_unreviewed·2023-11-15
CVE-2023-6112 [HIGH] CWE-416 GHSA-35r7-vh9q-xpf7: Use after free in Navigation in Google Chrome prior to 119
Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Microsoft
Chromium: CVE-2023-6112 Use after free in Navigation
vendor_msrc·2023-11-14·CVSS 8.8
CVE-2023-6112 [HIGH] Chromium: CVE-2023-6112 Use after free in Navigation
Chromium: CVE-2023-6112 Use after free in Navigation
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
Click on Help and Feedback
Click on About Microsoft Edge
FAQ:
Debian
CVE-2023-6112: chromium - Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a ...
vendor_debian·2023·CVSS 8.8
CVE-2023-6112 [HIGH] CVE-2023-6112: chromium - Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a ...
Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 119.0.6045.159-1~deb12u1)
bullseye: resolved (fixed in 119.0.6045.159-1~deb11u1)
forky: resolved (fixed in 119.0.6045.159-1)
sid: resolved (fixed in 119.0.6045.159-1)
trixie: resolved (fixed in 119.0.6045.159-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/176721/Chrome-content-NavigationURLLoaderImpl-FallbackToNonInterceptedRequest-Heap-Use-After-Free.htmlhttps://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_14.htmlhttps://crbug.com/1499298https://lists.fedoraproject.org/archives/list/[email protected]/message/JHUI5HW7QXT3U74MJMTLUMF5REDO5HD5/https://lists.fedoraproject.org/archives/list/[email protected]/message/MN3JQGEC4EFQP3WTI33YBD3CLC3I7P4X/https://lists.fedoraproject.org/archives/list/[email protected]/message/XWHRLW3GDNFBFSBHDD4QOPUPX7ORTUEC/https://security.gentoo.org/glsa/202311-11https://security.gentoo.org/glsa/202312-07https://security.gentoo.org/glsa/202401-34https://www.debian.org/security/2023/dsa-5556http://packetstormsecurity.com/files/176721/Chrome-content-NavigationURLLoaderImpl-FallbackToNonInterceptedRequest-Heap-Use-After-Free.htmlhttps://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_14.htmlhttps://crbug.com/1499298https://lists.fedoraproject.org/archives/list/[email protected]/message/JHUI5HW7QXT3U74MJMTLUMF5REDO5HD5/https://lists.fedoraproject.org/archives/list/[email protected]/message/MN3JQGEC4EFQP3WTI33YBD3CLC3I7P4X/https://lists.fedoraproject.org/archives/list/[email protected]/message/XWHRLW3GDNFBFSBHDD4QOPUPX7ORTUEC/https://security.gentoo.org/glsa/202311-11https://security.gentoo.org/glsa/202312-07https://security.gentoo.org/glsa/202401-34https://www.debian.org/security/2023/dsa-5556
2023-11-15
Published