Chrome <=126.0.6478.54 Heap Corrupt via Mem Alloc | CVE-2024-5839
CVE-2024-5839 Published on June 11, 2024

Inappropriate Implementation in Memory Allocator in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

NVD

Vulnerability Analysis

CVE-2024-5839 can be exploited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

REQUIRED

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

Use of Function with Inconsistent Implementations

The code uses a function that has inconsistent implementations across operating systems and versions.

Products Associated with CVE-2024-5839

stack.watch emails you whenever new vulnerabilities are published in Google Chrome or Fedora Project Fedora. Just hit a watch button to start following.

Google Chrome

Fedora Project Fedora

Affected Versions

Google Chrome:

Version 126.0.6478.54 and below 126.0.6478.54 is affected.

google chrome:

Before 126.0.6478.54 is affected.

Exploit Probability

EPSS

0.12%

Percentile

31.27%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Chrome <=126.0.6478.54 Heap Corrupt via Mem Alloc | CVE-2024-5839CVE-2024-5839 Published on June 11, 2024

Vulnerability Analysis

Weakness Type

Use of Function with Inconsistent Implementations

Products Associated with CVE-2024-5839

Affected Versions

Exploit Probability

Chrome <=126.0.6478.54 Heap Corrupt via Mem Alloc | CVE-2024-5839
CVE-2024-5839 Published on June 11, 2024