Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-5129

Published: 25/09/2023 Updated: 07/11/2023

Vulnerability Summary

Heap buffer overflow in WebP in Google Chrome before 116.0.5845.187 allowed a remote malicious user to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) (CVE-2023-4863) With a specially crafted WebP lossless file, libwebp may write data out of bounds to the heap. The ReadHuffmanCodes() function allocates the HuffmanCode buffer with a size that comes from an array of precomputed sizes: kTableSize. The color_cache_bits value defines which size to use. The kTableSize array only takes into account sizes for 8-bit first-level table lookups but not second-level table lookups. libwebp allows codes that are up to 15-bit (MAX_ALLOWED_CODE_LENGTH). When BuildHuffmanTable() attempts to fill the second-level tables it may write data out-of-bounds. The OOB write to the undersized array happens in ReplicateValue. (CVE-2023-5129)

Vulnerability Trend

Vendor Advisories

Red Hat: Important: Migration Toolkit for Containers (MTC) 1.8.0 security and bug fix update
Synopsis Important: Migration Toolkit for Containers (MTC) 180 security and bug fix update Type/Severity Security Advisory: Important Topic The Migration Toolkit for Containers (MTC) 180 is now availableRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) ba ...
Red Hat: Important: Migration Toolkit for Applications security and bug fix update
Synopsis Important: Migration Toolkit for Applications security and bug fix update Type/Severity Security Advisory: Important Topic Migration Toolkit for Applications 621 releaseRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a deta ...
Red Hat: Important: Logging Subsystem 5.7.7 - Red Hat OpenShift security update
Synopsis Important: Logging Subsystem 577 - Red Hat OpenShift security update Type/Severity Security Advisory: Important Topic Logging Subsystem 577 - Red Hat OpenShiftRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed sev ...
Red Hat: Important: Logging Subsystem 5.6.12 - Red Hat OpenShift security update
Synopsis Important: Logging Subsystem 5612 - Red Hat OpenShift security update Type/Severity Security Advisory: Important Topic Logging Subsystem 5612 - Red Hat OpenShiftRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed s ...
Red Hat: Moderate: Migration Toolkit for Containers (MTC) 1.7.13 security and bug fix update
Synopsis Moderate: Migration Toolkit for Containers (MTC) 1713 security and bug fix update Type/Severity Security Advisory: Moderate Topic The Migration Toolkit for Containers (MTC) 1713 is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) bas ...
Amazon Linux 2: ALAS2-2023-2291
Heap buffer overflow in WebP in Google Chrome prior to 11605845187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page (Chromium security severity: Critical) (CVE-2023-4863) With a specially crafted WebP lossless file, libwebp may write data out of bounds to the heap The ReadHuffmanCodes() function alloca ...
Red Hat:
Description<!---->A heap-based buffer flaw was found in libwebp, a library used to process "WebP" image format data This issue occurs when processing certain specially formatted WebP images, which could allow an attacker to crash the system or remotely execute arbitrary code in an application such as a web browser compiled with this libraryA heap ...

Github Repositories

https://github.com/OITApps/Find-VulnerableElectronVersion

Scans an executable and determines if it was wrapped in an Electron version vulnerable to the Chromium vulnerability CVE-2023-4863/ CVE-2023-5129

Find-VulnerableElectronVersion Scans an executable and determines if it was wrapped in an Electron version vulnerable to the Chromium vulnerability CVE-2023-4863/ CVE-2023-5129 using the Sysinternals tool Strings Only supported on Windows devices Requires Sysinternals to be installed: learnmicrosoftcom/en-us/sysinternals/downloads/sysinternals-suite Example syntax:

https://github.com/GTGalaxi/ElectronVulnerableVersion

Find Electron Apps Vulnerable to CVE-2023-4863 / CVE-2023-5129

Find Electron Apps Vulnerable to CVE-2023-4863 / CVE-2023-5129 This PowerShell script downloads Sysinternals Strings, recursively searches for strings within all exe files across all drives, and compares the Electron version found with known patched versions below to determine vulnerability to CVE-2023-4863 / CVE-2023-5129 Note: The script downloads stringszip to C:\Windows

References

https://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2023:5447https://github.com/OITApps/Find-VulnerableElectronVersionhttps://access.redhat.com/security/cve/cve-2023-5129https://alas.aws.amazon.com/AL2/ALAS-2023-2291.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333CVE-2024-33901CVE-2024-36001CVE-2024-2835firewallXPath injectionauthentication bypassCVE-2024-22120CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook