CVE-2018-6038

Details

Heap buffer overflow in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

Affected Packages

Google Chrome

Windows 10 (1507)Windows 10 (1607) / Server 2016Windows 10 (1809) / Server 2019Windows 10 (1903)Windows 10 (1909)

Fixed in:

64.0.3282.119

References

WEB

http://www.securityfocus.com/bid/102797

WEB

http://www.securitytracker.com/id/1040282

ADVISORY

https://access.redhat.com/errata/RHSA-2018:0265

WEB

https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html

WEB

https://crbug.com/774174

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2018-6038

ADVISORY

https://www.debian.org/security/2018/dsa-4103