Vulnerabilities > CVE-2024-5158 - Type Confusion vulnerability in Fedoraproject Fedora 39/40

CVSS 8.1 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

fedoraproject

CWE-843

NVD

Published: 2024-05-22

Updated: 2024-12-19

Summary

Type Confusion in V8 in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to potentially perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

Vulnerable Configurations

Part	Description	Count
OS	Fedoraproject Fedoraproject Fedora 39 Fedoraproject Fedora 40	2

Common Weakness Enumeration (CWE)

CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')

References

https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html
https://issues.chromium.org/issues/338908243
https://issues.chromium.org/issues/338908243
https://lists.fedoraproject.org/archives/list/[email protected]/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/
https://lists.fedoraproject.org/archives/list/[email protected]/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/
https://lists.fedoraproject.org/archives/list/[email protected]/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/
https://lists.fedoraproject.org/archives/list/[email protected]/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/