CVE-2023-4863 zero-day - patched in branch 5845 and 5938?

Having problems with building or using CEF's C/C++ APIs? This forum is here to help. Please do not post bug reports or feature requests here.

CVE-2023-4863 zero-day - patched in branch 5845 and 5938?

Postby HarmlessDave » Thu Sep 14, 2023 1:13 pm

https://nvd.nist.gov/vuln/detail/CVE-2023-4863 - "Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)"

This CVE was only posted 2 days ago but it seems pretty serious.

Has the Chromium patch for this already been added to CEF 116 (5845) and 117 (5938) or is that coming in a future update?
HarmlessDave
Expert
 
Posts: 370
Joined: Fri Jul 11, 2014 2:02 pm

Re: CVE-2023-4863 zero-day - patched in branch 5845 and 5938

Postby magreenblatt » Thu Sep 14, 2023 1:47 pm

Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187

CEF M116 builds are currently at 116.0.5845.189, so it sounds like those will include the fix. Do you know what version of M117 includes the fix?
magreenblatt
Site Admin
 
Posts: 12744
Joined: Fri May 29, 2009 6:57 pm

Re: CVE-2023-4863 zero-day - patched in branch 5845 and 5938

Postby HarmlessDave » Thu Sep 14, 2023 2:51 pm

magreenblatt wrote:
Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187

CEF M116 builds are currently at 116.0.5845.189, so it sounds like those will include the fix. Do you know what version of M117 includes the fix?

Sorry, no. It isn't clear from the CVE what the minimum 117 version is, but I noticed there was a Google Chrome update today to Version 117.0.5938.63 (Official Build) (64-bit) that was probably to add the fix.
HarmlessDave
Expert
 
Posts: 370
Joined: Fri Jul 11, 2014 2:02 pm

Re: CVE-2023-4863 zero-day - patched in branch 5845 and 5938

Postby ndesktop » Fri Sep 15, 2023 2:10 am

https://chromereleases.googleblog.com/2 ... op_11.html
Looks like fixed in 116.0.5845.187.

Edit: I think this is the fix. This is the DEPS commit.

For M117 I see the same commit here at 09-09-2023 22:56 then follows 117.0.5938.60 after 1+ hour on 09-09-2023 00:13.
So:
- M116: 116.0.5845.187
- M117: 117.0.5938.60
ndesktop
Master
 
Posts: 821
Joined: Thu Dec 03, 2015 10:10 am

Re: CVE-2023-4863 zero-day - patched in branch 5845 and 5938

Postby amaitland » Sun Sep 17, 2023 9:21 pm

Chrome 117.0.5938.62 (Linux and Mac), 117.0.5938.62/.63( Windows)

https://chromereleases.googleblog.com/2 ... 2.html?m=1
Maintainer of the CefSharp project.
amaitland
Virtuoso
 
Posts: 1312
Joined: Wed Jan 14, 2015 2:35 am

Re: CVE-2023-4863 zero-day - patched in branch 5845 and 5938

Postby magreenblatt » Fri Sep 29, 2023 12:39 pm

There's another related CVE (CVE-2023-5217) that is fixed in Chromium 117.0.5938.132. This one is triggered by WebCodecs API encoder usage, so a workaround for older versions is to disable the WebCodecs API (`--disable-blink-features=WebCodecs`).
magreenblatt
Site Admin
 
Posts: 12744
Joined: Fri May 29, 2009 6:57 pm


Return to Support Forum

Who is online

Users browsing this forum: Google [Bot] and 31 guests