Yet another Chrome zero-day exploited in the wild! (CVE-2023-5217)

Google has fixed another critical zero-day vulnerability (CVE-2023-5217) in Chrome that is being exploited in the wild. About CVE-2023-5217 The vulnerability is caused by a heap buffer overflow in vp8 encoding in libvpx – a video codec library from Google and the Alliance for Open Media (AOMedia). Heap buffer overflows can cause program crashes or arbitrary code execution. CVE-2023-5217 has been fixed in Google Chrome 117.0.5938.132 for Windows, Mac and Linux users. Google noted that … More →

The post …

0 day alliance buffer buffer overflow buffer overflows chrome chrome zero-day critical cve cve-2023-5217 don't miss encoding exploited google heap buffer overflow hot stuff library media overflow security update video vulnerability zero-day zero-day vulnerability