Google Chrome V8 Enum Cache Out-Of-Bounds Read RCE Vulnerability - 20240416003

Overview

Out of bounds memory access in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.(Chromium security severity: High)

What is vulnerable?

CVE	Severity	CVSS	Product(s) Affected
CVE-2024-3159	High	Not yet rated	Google Chrome prior to 123.0.6312.105

What has been observed?

There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of one month... (refer Patch Management):

• Google chrome Releases
• Chromium Issues

Additional References

• Tenable|CVE-2024-3159
• Google fixes one more Chrome zero-day exploited at Pwn2Own
• Security Week