Login Sign Up

CVE-2023-5852

8.8 HIGH

📋 TL;DR

This is a use-after-free vulnerability in Google Chrome's printing component that allows heap corruption when users perform specific UI gestures. Attackers can potentially execute arbitrary code or crash the browser by tricking users into interacting with malicious content. All Chrome users prior to version 119.0.6045.105 are affected.

💻 Affected Systems

Products:
  • Google Chrome
  • Chromium-based browsers
Versions: All versions prior to 119.0.6045.105
Operating Systems: Windows, macOS, Linux, ChromeOS
Default Config Vulnerable: ⚠️ Yes
Notes: All standard Chrome installations are vulnerable; extensions or security settings don't mitigate this

📦 What is this software?

Chrome by Google

Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...

Learn more about Chrome →

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to full system compromise, data theft, or ransomware deployment

🟠

Likely Case

Browser crash (denial of service) or limited code execution within sandbox constraints

🟢

If Mitigated

No impact if Chrome is updated or if users avoid suspicious UI interactions

🌐 Internet-Facing: HIGH - Exploitable via web content without authentication
🏢 Internal Only: MEDIUM - Requires user interaction but could be exploited via internal web applications

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Requires user interaction with specific UI gestures; no public exploit code available at disclosure

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 119.0.6045.105 and later

Vendor Advisory: https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html

Restart Required: Yes

Instructions:

1. Open Chrome 2. Click menu (three dots) → Help → About Google Chrome 3. Chrome will automatically check for and install updates 4. Click 'Relaunch' to restart with the patched version

🔧 Temporary Workarounds

Disable Chrome auto-updates (temporary)

all

Prevent Chrome from updating while testing compatibility, but update manually as soon as possible

# Linux: sudo apt-mark hold google-chrome-stable
# macOS: Disable via Chrome settings → Advanced → Update
# Windows: Disable via Group Policy or registry

🧯 If You Can't Patch

  • Restrict user access to untrusted websites and disable printing functionality
  • Implement application whitelisting to prevent unauthorized Chrome execution

🔍 How to Verify

Check if Vulnerable:

Check Chrome version: if below 119.0.6045.105, you are vulnerable

Check Version:

google-chrome --version (Linux/macOS) or navigate to chrome://version/

Verify Fix Applied:

Confirm Chrome version is 119.0.6045.105 or higher after update

📡 Detection & Monitoring

Log Indicators:

  • Chrome crash reports with printing-related stack traces
  • Unexpected Chrome process termination events

Network Indicators:

  • Unusual outbound connections following Chrome crashes
  • Traffic to known exploit hosting domains

SIEM Query:

source="chrome_logs" AND (event="crash" OR event="segfault") AND process="chrome" AND module="printing"

📊 Metadata

CVE ID: CVE-2023-5852
CVSS v3 Score: 8.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-416
Published: November 1, 2023
Last Updated: April 29, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-5852, you might also want to check these:

CVE-2025-24085 10.0

This CVE describes a use-after-free vulnerability (CWE-416) in Apple operating systems that allows m...

Same vulnerability type (CWE-416)
CVE-2024-43102 10.0

This CVE describes a use-after-free vulnerability in FreeBSD's umtx (user mutex) subsystem where con...

Same vulnerability type (CWE-416)
CVE-2021-33796 10.0

CVE-2021-33796 is a use-after-free vulnerability in MuJS's regexp source property access that can le...

Same vulnerability type (CWE-416)