Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P
Vendors Products
Google
  • Chrome
Redhat
  • Enterprise Linux Server
  • Enterprise Linux Server Eus
  • Enterprise Linux Server Tus
  • Enterprise Linux Desktop
  • Enterprise Linux Workstation
  • Enterprise Linux Server Aus
Canonical
  • Ubuntu Linux
Debian
  • Debian Linux

Configuration 1 [-]

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
References
Link Resource
http://www.securityfocus.com/bid/105666
http://www.securityfocus.com/bid/106168
https://access.redhat.com/errata/RHSA-2018:3004
https://access.redhat.com/errata/RHSA-2018:3831
https://access.redhat.com/errata/RHSA-2018:3833
https://access.redhat.com/errata/RHSA-2019:0159
https://access.redhat.com/errata/RHSA-2019:0160
https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html
https://crbug.com/880906
https://lists.debian.org/debian-lts-announce/2018/12/msg00002.html
https://security.gentoo.org/glsa/201811-10
https://usn.ubuntu.com/3844-1/
https://usn.ubuntu.com/3868-1/
https://www.debian.org/security/2018/dsa-4330
https://www.debian.org/security/2018/dsa-4354
https://www.debian.org/security/2019/dsa-4362
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: Chrome

Published: 2018-11-14T15:00:00

Updated: 2019-01-25T10:57:01

Reserved: 2018-09-25T00:00:00

Link: CVE-2018-17466

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2018-11-14T15:29:00.437

Modified: 2023-11-07T02:54:24.570

Link: CVE-2018-17466

JSON object: View

cve-icon Redhat Information

No data.

CWE