CVE-2024-5499
📋 TL;DR
This vulnerability is an out-of-bounds write in Chrome's Streams API that allows remote attackers to execute arbitrary code within the browser's sandbox via a malicious HTML page. All users running Google Chrome versions prior to 125.0.6422.141 are affected. The vulnerability enables remote code execution with high severity.
💻 Affected Systems
- Google Chrome
- Chromium-based browsers
📦 What is this software?
Chrome by Google
Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...
Learn more about Chrome →Fedora by Fedoraproject
Fedora by Fedoraproject
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of the browser sandbox leading to arbitrary code execution, potential system compromise if combined with other vulnerabilities, and data exfiltration.
Likely Case
Remote code execution within the browser sandbox, enabling attackers to steal sensitive data, install malware, or perform actions on behalf of the user.
If Mitigated
Limited impact due to Chrome's sandboxing, potentially containing the exploit to the browser process only.
🎯 Exploit Status
Exploitation requires user interaction (visiting a malicious webpage). The vulnerability is in the Streams API which handles data streams in web applications.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 125.0.6422.141
Vendor Advisory: https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html
Restart Required: Yes
Instructions:
1. Open Chrome. 2. Click the three-dot menu. 3. Go to Help > About Google Chrome. 4. Chrome will automatically check for and install updates. 5. Click Relaunch to restart Chrome with the updated version.
🔧 Temporary Workarounds
Disable JavaScript
allTemporarily disable JavaScript to prevent exploitation via malicious web pages
chrome://settings/content/javascript
Use Browser Extensions
allInstall script-blocking extensions like NoScript or uBlock Origin to control JavaScript execution
🧯 If You Can't Patch
- Restrict access to untrusted websites and implement web filtering
- Use application whitelisting to prevent unauthorized browser execution
🔍 How to Verify
Check if Vulnerable:
Check Chrome version in Settings > About Chrome. If version is below 125.0.6422.141, the system is vulnerable.Check Version:
google-chrome --versionVerify Fix Applied:
Verify Chrome version is 125.0.6422.141 or higher in Settings > About Chrome.📡 Detection & Monitoring
Log Indicators:
- Chrome crash reports
- Unusual process spawns from Chrome
- Memory access violation logs
Network Indicators:
- Requests to known malicious domains hosting exploit code
- Unusual outbound connections from Chrome processes
SIEM Query:
source="chrome" AND (event_type="crash" OR process_name="chrome.exe" AND parent_process!="explorer.exe")🔗 References
- https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html
- https://issues.chromium.org/issues/339877167
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/
- https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html
- https://issues.chromium.org/issues/339877167
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/
