CVE-2024-8636
📋 TL;DR
This vulnerability is a heap buffer overflow in Chrome's Skia graphics engine that allows remote attackers to potentially exploit heap corruption via a crafted HTML page. Attackers could execute arbitrary code or cause denial of service. All users of affected Chrome versions are vulnerable when visiting malicious websites.
💻 Affected Systems
- Google Chrome
- Chromium-based browsers
📦 What is this software?
Chrome by Google
Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to full system compromise, data theft, or ransomware deployment.
Likely Case
Browser crash/denial of service or limited code execution within sandboxed Chrome process.
If Mitigated
Browser crash with no further impact if sandboxing holds and exploit fails.
🎯 Exploit Status
Exploitation requires bypassing Chrome's sandbox and other mitigations, but heap corruption primitives are powerful.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 128.0.6613.137 and later
Vendor Advisory: https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_10.html
Restart Required: Yes
Instructions:
1. Open Chrome.
2. Click the three-dot menu → Help → About Google Chrome.
3. Chrome will automatically check for and install the update.
4. Click 'Relaunch' to restart Chrome with the updated version.
🔧 Temporary Workarounds
Disable JavaScript
All platforms. Prevents execution of malicious JavaScript that could trigger the vulnerability.
chrome://settings/content/javascript → Block
Use site isolation
All platforms. Ensures sites are isolated in separate processes (already default in Chrome).
chrome://flags/#site-isolation-trial-opt-out → Disabled
🧯 If You Can't Patch
- Restrict browsing to trusted websites only
- Use application allowlisting to prevent unauthorized Chrome execution
🔍 How to Verify
Check if Vulnerable:
Check Chrome version: chrome://version and compare to 128.0.6613.137
Check Version:
- On Windows: enter chrome://version in the address bar
- On Linux: google-chrome --version
- On macOS: /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --version
Verify Fix Applied:
Confirm Chrome version is 128.0.6613.137 or higher via chrome://version
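Dotted versions compared as plain strings give wrong answers (128.0.6613.99 would sort above 128.0.6613.137), so the comparison has to be numeric per component. The script below is an added example, not part of the original advisory; the function names and the sample version strings are constructed for illustration.

```shell
#!/bin/sh
# Added example: decide whether a Chrome version string is at or above the
# fixed build named on this page (128.0.6613.137).
FIXED_VERSION="128.0.6613.137"

# Extract the first four-part dotted version from text such as
# "Google Chrome 128.0.6613.119" (the output format of `google-chrome --version`).
extract_version() {
    printf '%s\n' "$1" | grep -Eo '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | head -n 1
}

# version_ge A B: exit 0 if A >= B, comparing each component as a number.
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            # A missing component counts as 0; "+ 0" forces numeric comparison.
            xi = x[i] + 0; yi = y[i] + 0
            if (xi > yi) exit 0
            if (xi < yi) exit 1
        }
        exit 0
    }'
}

# Print "patched", "vulnerable" or "unknown" for a --version output string.
chrome_status() {
    v=$(extract_version "$1")
    if [ -z "$v" ]; then
        echo "unknown"
    elif version_ge "$v" "$FIXED_VERSION"; then
        echo "patched"
    else
        echo "vulnerable"
    fi
}

if [ "$#" -gt 0 ]; then
    # Real use: pass the browser's own output as the argument.
    chrome_status "$*"
else
    # Constructed sample inputs, not taken from any real host.
    for sample in "Google Chrome 128.0.6613.99" "Google Chrome 128.0.6613.137" "Chromium 129.0.0.1"; do
        printf '%s -> %s\n' "$sample" "$(chrome_status "$sample")"
    done
fi
```

On Linux, run it as `sh check.sh "$(google-chrome --version)"` (the file name is an assumption); with no argument it evaluates the constructed samples.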
📡 Detection & Monitoring
Log Indicators:
- Chrome crash reports with SIGSEGV/SIGABRT
- Unexpected Chrome process termination
- Skia-related error messages
Network Indicators:
- Requests to known malicious domains serving crafted HTML
- Unusual outbound connections after visiting suspicious sites
SIEM Query:
(source="chrome_crash_logs" AND (message="SIGSEGV" OR message="heap corruption")) OR (process_name="chrome.exe" AND termination_reason="exception")