Blog

Google Addresses Latest Zero-Day Affecting Chrome

Google has addressed another zero-day vulnerability affecting Google Chrome, the third reported in the browser so far this year

June 6, 2023
Table Of Contents

New Chrome zero-day

Yesterday, Google addressed another zero-day vulnerability affecting Google Chrome. The Flashpoint Intel Team quickly published an alert to VulnDB customers and have been closely tracking the vulnerability since.

This is the third zero-day vulnerability reported in the popular browser so far this year. Exploitation of the vulnerability was noticed by Google’s own Threat Analysis Group (TAG), but details about active exploitation are currently limited.

V8 vulnerability

While the vulnerability is reported in Google Chrome, the root cause lies within the bundled V8 JavaScript engine that is responsible for executing JavaScript when browsing websites. As a result, the vulnerability may affect other products bundling V8.

Recent changes in the V8 repository indicate that the vulnerability was addressed in the inline cache (IC) implementation. The KeyedStoreIC::StoreElementHandler() function in ic/ic.cc fails to properly handle JavaScript arguments objects. This may lead to an out-of-bounds write in the selected IC store handler.

Interestingly, none of the three zero-day vulnerabilities reported in Google Chrome this year have been within the core browser but rather in libraries that it relies upon. One of the two previously reported zero-days also affected V8, CVE-2023-2033, while the other was reported in the Skia 2D graphic library, CVE-2023-2136.

The latest fix released by Google mentions another internally discovered high severity vulnerability that was addressed at the same time. Our research shows that this also affects the V8 JavaScript engine and appears to be a type confusion flaw in the LookupIterator class. At this time, there are no reports of this second vulnerability being exploited, but a test case is provided with the fixing commit.

Fixes

Google Chrome fixes are available in version 114.0.5735.106 for Mac and Linux and version 114.0.5735.110 for Windows. According to Google’s advisory, these will “roll out over the coming days/weeks.”

Flashpoint continues to monitor both vulnerabilities, and our VulnDB entries are updated with more information as it becomes available.

Begin your free trial today.