Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Required

Privileges Required

None

Attack Vector

Network

0

CVE-2023-5217

Disclosure Date: September 28, 2023 •

CVE-2023-5217 CVSS v3 Base Score: 8.8

Exploited in the Wild

Reported by inokii
View Source Details

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

8.8 High

Impact Score:

5.9

Exploitability Score:

2.8

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector (AV):

Network

Attack Complexity (AC):

Low

Privileges Required (PR):

None

User Interaction (UI):

Required

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

High

Availability (A):

High

Vendors

apple,
debian,
fedoraproject,
microsoft,
mozilla,
webmproject

Products

debian linux 10.0,
debian linux 11.0,
debian linux 12.0,
edge 116.0.1938.98,
edge 117.0.2045.47,
edge chromium 116.0.5845.229,
edge chromium 117.0.5938.132,
fedora 37,
fedora 38,
fedora 39,
firefox,
firefox esr,
firefox focus,
ipad os,
ipad os 16.7,
iphone os,
iphone os 16.7,
libvpx,
thunderbird

Exploited in the Wild

Reported by:

inokii indicated sources as

Vendor Advisory (https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html)
Government or Industry Alert (https://www.cisa.gov/known-exploited-vulnerabilities-catalog)
Other: CISA Gov Alert (https://www.cisa.gov/news-events/alerts/2023/10/02/cisa-adds-one-known-exploited-vulnerability-catalog)

Reported: September 28, 2023 5:18am UTC (9 months ago) • Edited 9 months ago

References

Canonical

CVE-2023-5217 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217)

Exploit

PoCs that have not been added by contributors directly have been sourced from: nomi-sec/PoC-in-GitHub.
A PoC added here by the AKB Worker must have at least 2 GitHub stars.

cve-2023-5217-poc (https://github.com/wrv/cve-2023-5217-poc) (Added by AKB Worker)

Miscellaneous

https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html

https://crbug.com/1486441

http://www.openwall.com/lists/oss-security/2023/09/28/5

http://www.openwall.com/lists/oss-security/2023/09/28/6

http://www.openwall.com/lists/oss-security/2023/09/29/1

http://www.openwall.com/lists/oss-security/2023/09/29/2

http://www.openwall.com/lists/oss-security/2023/09/29/7

http://www.openwall.com/lists/oss-security/2023/09/29/9

https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/

https://security-tracker.debian.org/tracker/CVE-2023-5217

https://bugzilla.redhat.com/show_bug.cgi?id=2241191

https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/

https://www.openwall.com/lists/oss-security/2023/09/28/5

https://pastebin.com/TdkC4pDv

https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590

https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282

https://github.com/webmproject/libvpx/tags

http://www.openwall.com/lists/oss-security/2023/09/29/11

http://www.openwall.com/lists/oss-security/2023/09/29/12

http://www.openwall.com/lists/oss-security/2023/09/29/14

https://www.debian.org/security/2023/dsa-5510

https://www.debian.org/security/2023/dsa-5509

https://www.debian.org/security/2023/dsa-5508

http://www.openwall.com/lists/oss-security/2023/09/30/1

https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html

https://twitter.com/maddiestone/status/1707163313711497266

https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/

https://github.com/webmproject/libvpx/releases/tag/v1.13.1

http://www.openwall.com/lists/oss-security/2023/09/30/3

http://www.openwall.com/lists/oss-security/2023/09/30/2

http://www.openwall.com/lists/oss-security/2023/09/30/4

http://www.openwall.com/lists/oss-security/2023/09/30/5

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/

http://www.openwall.com/lists/oss-security/2023/10/01/2

http://www.openwall.com/lists/oss-security/2023/10/01/1

http://www.openwall.com/lists/oss-security/2023/10/01/5

https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/

http://www.openwall.com/lists/oss-security/2023/10/02/6

http://www.openwall.com/lists/oss-security/2023/10/03/11

https://security.gentoo.org/glsa/202310-04

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/

http://seclists.org/fulldisclosure/2023/Oct/12

https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html

http://seclists.org/fulldisclosure/2023/Oct/16

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/

https://support.apple.com/kb/HT213961

https://support.apple.com/kb/HT213972

https://security.gentoo.org/glsa/202401-34

Rapid7

Technical Analysis