CVE-2023-1227
Summary
| CVE | CVE-2023-1227 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2023-03-07 22:15:00 UTC |
|---|
| Updated | 2023-03-11 02:37:00 UTC |
|---|
| Description | Use after free in Core in Google Chrome on Lacros prior to 111.0.5563.64 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium) |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| 1348791 -
chromium -
An open-source project to help move the web forward. -
Monorail |
MISC |
crbug.com |
|
| Chrome Releases: Stable Channel Update for Desktop |
MISC |
chromereleases.googleblog.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 181667 Debian Security Update for chromium (DSA 5371-1)
- 184961 Debian Security Update for chromium (CVE-2023-1227)
- 283780 Fedora Security Update for chromium (FEDORA-2023-1cf9c4477b)
- 283796 Fedora Security Update for chromium (FEDORA-2023-015e4d696d)
- 284247 Fedora Security Update for alsa (FEDORA-2023-a5e10b188a)
- 378059 Google Chrome Prior to 111.0.5563.64 Multiple Vulnerabilities
- 691095 Free Berkeley Software Distribution (FreeBSD) Security Update for chromium (d357f6bb-0af4-4ac9-b096-eeec183ad829)
- 754045 OpenSUSE Security Update for opera (openSUSE-SU-2023:0114-1)
- 754103 OpenSUSE Security Update for opera (openSUSE-SU-2023:0115-1)
