Login Sign Up

CVE-2023-1531

8.8 HIGH

📋 TL;DR

This vulnerability is a use-after-free memory corruption flaw in ANGLE (Almost Native Graphics Layer Engine) component of Google Chrome. It allows remote attackers to potentially execute arbitrary code or cause denial of service by tricking users into visiting a malicious HTML page. All Chrome users prior to version 111.0.5563.110 are affected.

💻 Affected Systems

Products:
  • Google Chrome
  • Chromium-based browsers
Versions: All versions prior to 111.0.5563.110
Operating Systems: Windows, Linux, macOS, ChromeOS
Default Config Vulnerable: ⚠️ Yes
Notes: All standard Chrome installations are vulnerable. ANGLE is enabled by default for WebGL/OpenGL ES compatibility.

📦 What is this software?

Chrome by Google

Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...

Learn more about Chrome →

Chromium by Chromium

View all CVEs affecting Chromium →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to full system compromise, data theft, or ransomware deployment.

🟠

Likely Case

Browser crash (denial of service) or limited code execution within sandboxed Chrome process.

🟢

If Mitigated

No impact if Chrome is fully patched or if exploit attempts are blocked by security controls.

🌐 Internet-Facing: HIGH - Exploitable via malicious websites without user interaction beyond visiting the page.
🏢 Internal Only: MEDIUM - Requires user to visit malicious internal page or compromised internal site.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Use-after-free vulnerabilities typically require careful memory manipulation but Chrome's high severity rating suggests reliable exploitation is possible.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 111.0.5563.110 and later

Vendor Advisory: https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop_21.html

Restart Required: Yes

Instructions:

1. Open Chrome. 2. Click three-dot menu → Help → About Google Chrome. 3. Chrome will automatically check for and install update. 4. Click 'Relaunch' to restart Chrome with updated version.

🔧 Temporary Workarounds

Disable WebGL/ANGLE

all

Disable hardware acceleration features that use ANGLE component

chrome://flags → Search 'ANGLE' → Set to 'Disabled'
chrome://flags → Search 'WebGL' → Set to 'Disabled'

Enable Site Isolation

all

Enforce site isolation to limit impact of potential exploitation

chrome://flags → Search 'Site Isolation' → Enable all options

🧯 If You Can't Patch

  • Use alternative browser until Chrome can be updated
  • Implement web filtering to block known malicious sites and restrict browsing to trusted domains only

🔍 How to Verify

Check if Vulnerable:

Check Chrome version: if below 111.0.5563.110, system is vulnerable.

Check Version:

google-chrome --version (Linux) or chrome://version in browser address bar

Verify Fix Applied:

Confirm Chrome version is 111.0.5563.110 or higher after update.

📡 Detection & Monitoring

Log Indicators:

  • Chrome crash reports with ANGLE-related stack traces
  • Unexpected Chrome process termination events

Network Indicators:

  • Requests to known exploit hosting domains
  • Unusual outbound connections from Chrome processes

SIEM Query:

source="chrome_crash_reports" AND (message="*ANGLE*" OR message="*use-after-free*")

📊 Metadata

CVE ID: CVE-2023-1531
CVSS v3 Score: 8.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-416
Published: March 21, 2023
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-1531, you might also want to check these:

CVE-2025-24085 10.0

This CVE describes a use-after-free vulnerability (CWE-416) in Apple operating systems that allows m...

Same vulnerability type (CWE-416)
CVE-2024-43102 10.0

This CVE describes a use-after-free vulnerability in FreeBSD's umtx (user mutex) subsystem where con...

Same vulnerability type (CWE-416)
CVE-2021-33796 10.0

CVE-2021-33796 is a use-after-free vulnerability in MuJS's regexp source property access that can le...

Same vulnerability type (CWE-416)