CVE-2023-1529

Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High)
Configurations

Configuration 1 (hide)

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*

History

20 Oct 2023, 20:43

Type Values Removed Values Added
References (MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO3QZY4UQFP4XNF43ILMVVOABMB7KAQ5/ - (MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO3QZY4UQFP4XNF43ILMVVOABMB7KAQ5/ - Mailing List
References (MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FG3CRADL7IL5IHK4NCHG4LAYLKHFXETX/ - (MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FG3CRADL7IL5IHK4NCHG4LAYLKHFXETX/ - Mailing List
References (MISC) https://security.gentoo.org/glsa/202309-17 - (MISC) https://security.gentoo.org/glsa/202309-17 - Third Party Advisory
References (MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NGWWGQULJ7QRNP4GY57HE7OO7VMRWMPN/ - (MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NGWWGQULJ7QRNP4GY57HE7OO7VMRWMPN/ - Mailing List
CWE CWE-119 CWE-787
First Time Fedoraproject
Fedoraproject fedora
CPE cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*

30 Sep 2023, 11:15

Type Values Removed Values Added
References
  • (MISC) https://security.gentoo.org/glsa/202309-17 -

15 Apr 2023, 04:16

Type Values Removed Values Added
References
  • (MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NGWWGQULJ7QRNP4GY57HE7OO7VMRWMPN/ -

12 Apr 2023, 04:15

Type Values Removed Values Added
References
  • (MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO3QZY4UQFP4XNF43ILMVVOABMB7KAQ5/ -

10 Apr 2023, 03:15

Type Values Removed Values Added
References
  • (MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FG3CRADL7IL5IHK4NCHG4LAYLKHFXETX/ -

27 Mar 2023, 03:55

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
CPE cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
CWE CWE-119
References (MISC) https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop_21.html - (MISC) https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop_21.html - Release Notes, Vendor Advisory
References (MISC) https://crbug.com/1419718 - (MISC) https://crbug.com/1419718 - Permissions Required
First Time Google chrome
Google

21 Mar 2023, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-03-21 21:15

Updated : 2023-12-10 15:01


NVD link : CVE-2023-1529

Mitre link : CVE-2023-1529

CVE.ORG link : CVE-2023-1529


JSON object : View

Products Affected

google

  • chrome

fedoraproject

  • fedora
CWE
CWE-787

Out-of-bounds Write