CVE-2024-0808
📋 TL;DR
This vulnerability is an integer underflow in Chrome's WebUI that allows remote attackers to trigger heap corruption via malicious files. It affects Google Chrome versions prior to 121.0.6167.85, potentially enabling arbitrary code execution. All users running vulnerable Chrome versions are at risk.
💻 Affected Systems
- Google Chrome
- Chromium-based browsers
📦 What is this software?
Chrome by Google
Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...
Learn more about Chrome →Fedora by Fedoraproject
Fedora by Fedoraproject
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to full system compromise, data theft, or ransomware deployment.
Likely Case
Browser crash (denial of service) or limited code execution within Chrome's sandbox.
If Mitigated
No impact if Chrome is fully patched or if exploit attempts are blocked by security controls.
🎯 Exploit Status
Exploitation requires user interaction (opening malicious file) but no authentication. No public exploit code known.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 121.0.6167.85 and later
Vendor Advisory: https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html
Restart Required: Yes
Instructions:
1. Open Chrome. 2. Click three-dot menu → Help → About Google Chrome. 3. Chrome will automatically check for and install update. 4. Click 'Relaunch' to restart Chrome.
🔧 Temporary Workarounds
Disable automatic file opening
allConfigure Chrome to ask before opening files to prevent automatic exploitation.
chrome://settings/content/pdfDocuments → Toggle 'Download PDFs instead of automatically opening them'
🧯 If You Can't Patch
- Use alternative browser until patch can be applied
- Implement application whitelisting to block Chrome execution
🔍 How to Verify
Check if Vulnerable:
Check Chrome version in Settings → About Chrome. If version is below 121.0.6167.85, it's vulnerable.Check Version:
google-chrome --version (Linux) or "C:\Program Files\Google\Chrome\Application\chrome.exe" --version (Windows)Verify Fix Applied:
Confirm Chrome version is 121.0.6167.85 or higher after update.📡 Detection & Monitoring
Log Indicators:
- Chrome crash reports
- Unexpected Chrome process termination
- Security event logs showing Chrome exploitation
Network Indicators:
- Downloads of suspicious files triggering Chrome crashes
- Unusual outbound connections from Chrome post-crash
SIEM Query:
source="chrome_logs" AND (event="crash" OR event="heap_corruption") AND version<"121.0.6167.85"🔗 References
- https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html
- https://crbug.com/1504936
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/
- https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html
- https://crbug.com/1504936
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/
