CVE-2019-5788
Google Chrome < M73 - FileSystemOperationRunner Use-After-Free
Severity Score
8.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
Un desbordamiento de enteros que provoca un uso de memoria previamente liberada (use-after-free) en Blink Storage en Google Chrome sobre Linux antes de la versión 73.0.3683.75, permitió que un atacante remoto que había comprometido el proceso del renderizador ejecutara código arbitrario por medio de una página HTML creada.
Chrome suffers from a use-after-free vulnerability in FileSystemOperationRunner.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-01-09 CVE Reserved
- 2019-03-19 CVE Published
- 2019-03-19 First Exploit
- 2024-08-04 CVE Updated
- 2024-09-21 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-190: Integer Overflow or Wraparound
- CWE-416: Use After Free
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html | X_refsource_misc | |
| https://crbug.com/925864 | X_refsource_misc |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/46571 | 2019-03-19 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | 2023-11-07 | |
| https://access.redhat.com/security/cve/CVE-2019-5788 | 2019-04-08 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1688190 | 2019-04-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | < 73.0.3683.75 Search vendor "Google" for product "Chrome" and version " < 73.0.3683.75" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Backports Search vendor "Opensuse" for product "Backports" | sle-15 Search vendor "Opensuse" for product "Backports" and version "sle-15" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 15.0 Search vendor "Opensuse" for product "Leap" and version "15.0" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 15.1 Search vendor "Opensuse" for product "Leap" and version "15.1" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 42.3 Search vendor "Opensuse" for product "Leap" and version "42.3" | - |
Affected
| ||||||