CVE-2024-3159
📋 TL;DR
This vulnerability allows remote attackers to perform arbitrary memory read/write operations through a crafted HTML page due to out-of-bounds memory access in Chrome's V8 JavaScript engine. It affects all users of Google Chrome versions prior to 123.0.6312.105. Attackers could exploit this to execute arbitrary code on affected systems.
💻 Affected Systems
- Google Chrome
- Chromium-based browsers
📦 What is this software?
Chrome by Google
Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to full system compromise, data theft, ransomware deployment, or persistent backdoor installation.
Likely Case
Arbitrary code execution within the Chrome sandbox, potentially leading to credential theft, session hijacking, or malware installation.
If Mitigated
Limited impact due to Chrome's sandboxing, but still potentially serious if combined with other vulnerabilities.
🎯 Exploit Status
Exploitation requires user interaction (visiting a malicious page) but no authentication. The vulnerability is in the V8 engine, which is complex to exploit reliably.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 123.0.6312.105 and later
Vendor Advisory: https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html
Restart Required: Yes
Instructions:
1. Open Chrome.
2. Click the three-dot menu → Help → About Google Chrome.
3. Chrome will automatically check for and install updates.
4. Click 'Relaunch' to restart Chrome with the update.
🔧 Temporary Workarounds
Disable JavaScript
Temporarily disable JavaScript execution in Chrome to prevent exploitation via malicious HTML pages.
chrome://settings/content/javascript → Toggle to 'Blocked'
Use Site Isolation
Ensure Chrome's Site Isolation feature is enabled to limit the impact of memory corruption vulnerabilities.
chrome://flags/#site-isolation-trial-opt-out → Set to 'Disabled'
🧯 If You Can't Patch
- Restrict access to untrusted websites using web filtering or proxy controls.
- Implement application whitelisting to prevent execution of unauthorized binaries that might be dropped via exploitation.
🔍 How to Verify
Check if Vulnerable:
Check the Chrome version on the About Google Chrome page. If the version is below 123.0.6312.105, the system is vulnerable.
Check Version:
On Windows: "C:\Program Files\Google\Chrome\Application\chrome.exe" --version
On macOS: /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --version
On Linux: google-chrome --version
Verify Fix Applied:
Verify Chrome version is 123.0.6312.105 or higher after update.
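As an added example that is not part of the advisory, a POSIX shell helper that parses the output of the version commands above and compares it component-wise against the fixed version 123.0.6312.105 (a plain string comparison would misorder versions such as 123.0.6312.86 and 123.0.6312.105):

```shell
#!/bin/sh
# Added example, not from the advisory: decide whether an installed Chrome build
# predates the CVE-2024-3159 fix (123.0.6312.105, taken from the advisory).
FIXED_VERSION="123.0.6312.105"

# version_lt A B: return 0 when dotted version A sorts before B, comparing each
# of the four numeric components in turn (missing components count as 0).
version_lt() {
    a="$1"; b="$2"; i=1
    while [ "$i" -le 4 ]; do
        x=$(printf '%s' "$a" | cut -d. -f"$i")
        y=$(printf '%s' "$b" | cut -d. -f"$i")
        x=${x:-0}; y=${y:-0}
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
        i=$((i + 1))
    done
    return 1
}

# chrome_vulnerable "<output of chrome --version>": extracts the first
# four-part version number, prints a verdict, and returns 0 if vulnerable,
# 1 if patched, 2 if no version could be parsed.
chrome_vulnerable() {
    ver=$(printf '%s' "$1" | grep -oE '[0-9]+(\.[0-9]+){3}' | head -n 1)
    if [ -z "$ver" ]; then
        echo "UNKNOWN: could not parse a version from: $1" >&2
        return 2
    fi
    if version_lt "$ver" "$FIXED_VERSION"; then
        echo "VULNERABLE: $ver is below $FIXED_VERSION (CVE-2024-3159)"
        return 0
    fi
    echo "PATCHED: $ver is $FIXED_VERSION or later"
    return 1
}

# When run on a Linux host with google-chrome on PATH, check the real install;
# otherwise fall back to a constructed sample string so the script still runs.
if command -v google-chrome >/dev/null 2>&1; then
    chrome_vulnerable "$(google-chrome --version)" || true
else
    chrome_vulnerable "Google Chrome 122.0.6261.128" || true   # constructed sample
fi
```

On Windows, feed the script the output of the chrome.exe --version command listed above; the parsing does not depend on the platform prefix.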
📡 Detection & Monitoring
Log Indicators:
- Chrome crash reports with V8-related stack traces
- Unexpected Chrome process termination
- Security event logs showing unexpected process creation
Network Indicators:
- Requests to known malicious domains hosting exploit code
- Unusual outbound connections from Chrome processes
SIEM Query:
source="chrome_logs" AND (message="*V8*" OR message="*out of bounds*" OR message="*memory access*")
🔗 References
- https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html
- https://issues.chromium.org/issues/330760873
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U26WECLV5QAQVTIFAUDSRO6QX3NTHYVC/