Vulnerability CVE-2018-6038: Information

Description

Heap buffer overflow in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

Severity: MEDIUM (6.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Published: Sept. 25, 2018
Modified: Nov. 7, 2023
Error type identifier: CWE-119CWE-125

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
chromiumsisyphus64.0.3282.119-alt1124.0.6367.78-alt1ALT-PU-2018-1126-1199586Fixed
chromiump1064.0.3282.119-alt1119.0.6045.159-alt0.p10.1ALT-PU-2018-1126-1199586Fixed
chromiump964.0.3282.119-alt197.0.4692.99-alt0.p9.1ALT-PU-2018-1126-1199586Fixed
chromiumc10f164.0.3282.119-alt1110.0.5481.177-alt1.p10.1ALT-PU-2018-1126-1199586Fixed
chromiumc9f264.0.3282.119-alt184.0.4147.105-alt1.1.p9ALT-PU-2018-1126-1199586Fixed

References to Advisories, Solutions, and Tools

    1. Configuration 1

      cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
      End excliding
      64.0.3282.119

      Configuration 2

      cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

      cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*