Vulnerability CVE-2024-1284: Information

Description

Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Published: Feb. 7, 2024
Modified: Feb. 14, 2024
Error type identifier: CWE-416

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
chromiumsisyphus121.0.6167.160-alt1121.0.6167.160-alt1ALT-PU-2024-2062-2339647Fixed

References to Advisories, Solutions, and Tools

    1. Configuration 1

      cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
      End excliding
      121.0.6167.160

      Configuration 2

      cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*

      cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*