CVE-2023-1818

Use-After-Free in Google Chrome Browser < 112.0.5615.49

CVE ID: CVE-2023-1818
CVE Link: https://nvd.nist.gov/vuln/detail/CVE-2023-1818
Vendor: Google Chrome
Affected Product & Version: Google Chrome Browser < 112.0.5615.49
Vulnerability Type: Use-After-Free
CVSS Base Score / CVSS Vector:

NVD: 8.8 High / CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

BDO: 5.0 Medium / CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

Author: Patrick Walker
Date: 2022-04-04

CVE Details

Description:

A Use-After-Free vulnerability in Vulkan in Google Chrome prior to 112.0.5615.49 allows a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Long-running draw calls in SwiftShader can cause ANGLE to emit a “device lost” message or trigger Chrome’s GPU watchdog. In either case, the GPU process is shut down, which causes ANGLE to shut down and release its Vulkan resources. Because the shaders are still running, previously freed objects are accessed, causing a Use-After-Free. As this happens during shutdown operations of the process, exploitability is deemed very unlikely.

Remediation:

Update to the most recent version of Chrome / Chromium.
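
A fleet check for this remediation, as an added example that is not part of the original advisory: it compares version banners (such as those printed by `google-chrome --version`) against the fixed release 112.0.5615.49 numerically, because a plain string comparison would rank 99.x above 112.x. The host names and inventory lines are constructed sample data.

```python
import re

# First fixed release according to this advisory.
FIXED = (112, 0, 5615, 49)

# Chrome/Chromium versions have four numeric parts: MAJOR.MINOR.BUILD.PATCH
_VERSION = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")


def parse_version(banner):
    """Return the four-part version found in banner as a tuple of ints, or None."""
    match = _VERSION.search(banner)
    return tuple(int(part) for part in match.groups()) if match else None


def classify(banner):
    """Classify one version banner as 'vulnerable', 'patched' or 'unknown'."""
    version = parse_version(banner)
    if version is None:
        return "unknown"  # no parsable version: needs manual follow-up
    # Tuples of ints compare part by part, so 99.x < 112.x as intended.
    return "vulnerable" if version < FIXED else "patched"


def triage(inventory):
    """Group (host, banner) pairs by status, preserving input order."""
    result = {"vulnerable": [], "patched": [], "unknown": []}
    for host, banner in inventory:
        result[classify(banner)].append(host)
    return result


# Constructed sample inventory (hypothetical hosts, illustrative banners).
SAMPLE = [
    ("ws-01", "Google Chrome 111.0.5563.146"),
    ("ws-02", "Google Chrome 112.0.5615.49"),
    ("ws-03", "Chromium 99.0.4844.84 built on Debian"),
    ("ws-04", "Google Chrome 112.0.5615.48"),
    ("ws-05", "Google Chrome 113.0.5672.63"),
    ("ws-06", "google-chrome: command not found"),
]

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```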

Timeline:

2021-06-04: Vulnerability reported to Google

2023-03-08: Vulnerability was fixed

2023-04-04: CVE published