Login Sign Up

CVE-2023-5854

8.8 HIGH

📋 TL;DR

This is a use-after-free vulnerability in Google Chrome's Profiles feature that could allow heap corruption. Attackers can exploit it by tricking users into performing specific UI gestures. All Chrome users prior to version 119.0.6045.105 are affected.

💻 Affected Systems

Products:
  • Google Chrome
  • Chromium-based browsers
Versions: All versions prior to 119.0.6045.105
Operating Systems: Windows, macOS, Linux, ChromeOS
Default Config Vulnerable: ⚠️ Yes
Notes: All standard Chrome installations are vulnerable. Chromium-based browsers may also be affected.

📦 What is this software?

Chrome by Google

Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...

Learn more about Chrome →

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to full system compromise, data theft, or malware installation.

🟠

Likely Case

Browser crash or instability, with potential for limited data exposure or sandbox escape.

🟢

If Mitigated

No impact if patched; Chrome's sandbox may limit damage if exploited.

🌐 Internet-Facing: HIGH - Attackers can exploit via malicious websites or content.
🏢 Internal Only: MEDIUM - Requires user interaction but could be exploited via internal phishing.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Requires user interaction with specific UI gestures, but no authentication needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 119.0.6045.105 and later

Vendor Advisory: https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html

Restart Required: Yes

Instructions:

1. Open Chrome. 2. Click three-dot menu → Help → About Google Chrome. 3. Chrome will check for and install updates automatically. 4. Click 'Relaunch' to restart Chrome.

🔧 Temporary Workarounds

Disable JavaScript

all

Prevents exploitation by disabling JavaScript execution, but breaks most websites.

Use Chrome Enterprise policies

windows

Restrict browser features via Group Policy or administrative templates.

🧯 If You Can't Patch

  • Use alternative browsers until patching is possible.
  • Implement network filtering to block malicious websites and restrict browser usage.

🔍 How to Verify

Check if Vulnerable:

Check Chrome version in Settings → About Chrome. If version is below 119.0.6045.105, it's vulnerable.

Check Version:

On Windows: "chrome://version/" in address bar. On Linux/macOS: google-chrome --version

Verify Fix Applied:

Confirm Chrome version is 119.0.6045.105 or higher in About Chrome.

📡 Detection & Monitoring

Log Indicators:

  • Chrome crash reports
  • Unexpected process termination logs
  • Security event logs showing exploit attempts

Network Indicators:

  • Traffic to known malicious domains hosting exploit code
  • Unusual outbound connections after user visits suspicious sites

SIEM Query:

source="chrome_logs" AND (event="crash" OR event="security_violation") AND version<"119.0.6045.105"

📊 Metadata

CVE ID: CVE-2023-5854
CVSS v3 Score: 8.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-416
Published: November 1, 2023
Last Updated: April 29, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-5854, you might also want to check these:

CVE-2025-24085 10.0

This CVE describes a use-after-free vulnerability (CWE-416) in Apple operating systems that allows m...

Same vulnerability type (CWE-416)
CVE-2024-43102 10.0

This CVE describes a use-after-free vulnerability in FreeBSD's umtx (user mutex) subsystem where con...

Same vulnerability type (CWE-416)
CVE-2021-33796 10.0

CVE-2021-33796 is a use-after-free vulnerability in MuJS's regexp source property access that can le...

Same vulnerability type (CWE-416)