CVE-2023-2136

Vulnerability updated 7 months ago (2024-11-29T13:31:03.348Z)

Download STIX

Preview STIX

CVE-2023-2136 is an integer overflow vulnerability discovered in Google Chrome, which is a type of software flaw that occurs when an arithmetic operation attempts to create a numeric value that is outside of the range that can be represented within the available storage space. This vulnerability was identified alongside two other distinct vulnerabilities in Google Chrome, namely CVE-2023-2033 and CVE-2023-3079, both of which are categorized as type confusion vulnerabilities. The discovery of these vulnerabilities highlights potential risks in the security architecture of Google Chrome. The fact that CVE-2023-2136 is an integer overflow vulnerability indicates that there could be serious repercussions if exploited. Integer overflow vulnerabilities can lead to unexpected behavior such as crashes, incorrect computations, or even allowing an attacker to execute arbitrary code. Reports have emerged indicating that CVE-2023-2136 is currently being exploited in the wild. This means that malicious actors are actively leveraging this vulnerability to compromise systems running vulnerable versions of Google Chrome. It's crucial for users and administrators to apply necessary patches or updates released by Google to mitigate the risk associated with this vulnerability.

Description last updated: 2024-05-04T17:10:22.207Z

What's your take? (Question 1 of 2)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Google

Chrome

Vulnerability

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Source Document References

Information about the CVE-2023-2136 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
CERT-EU	a year ago	Google fixes first actively exploited Chrome zero-day of 2024
CERT-EU	a year ago	Alert: New Chrome Zero-Day Vulnerability Being Exploited
CERT-EU	2 years ago	Google fixes 8th Chrome zero-day exploited in attacks this year
Securityaffairs	2 years ago	Google addressed a new actively exploited Chrome zero-day
Securityaffairs	2 years ago	Google addressed a new Chrome Zero-Day vulnerability
DARKReading	2 years ago	Chrome Flags Third Zero-Day This Month That's Tied to Spying Exploits
CERT-EU	2 years ago	Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor
Securityaffairs	2 years ago	GOOGLE FIXED THE FIFTH CHROME ZERO-DAY OF 2023
CERT-EU	2 years ago	Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters
Securityaffairs	2 years ago	GOOGLE FIXED THE FOURTH CHROME ZERO-DAY OF 2023
CERT-EU	2 years ago	Heimdal®’s Semiannual Rundown of the Most Exploited Vulnerabilities of 2023
CERT-EU	2 years ago	IT threat evolution in Q2 2023. Non-mobile statistics – GIXtools
CERT-EU	2 years ago	PC malware statistics, Q2 2022
Securityaffairs	2 years ago	Google addressed 3 actively exploited flaws in Android
CERT-EU	2 years ago	Google issues patches for 46 bugs: 3 faced targeted exploitation, 1 critical
CERT-EU	2 years ago	Cyber Security Week in Review: July 7, 2023
CERT-EU	2 years ago	Google Releases Android Patch Update for 3 Actively Exploited Vulnerabilities
CERT-EU	2 years ago	GovCERT.HK - Security Alerts
Malwarebytes	2 years ago	Update Android now! Google patches three actively exploited zero-days
CERT-EU	2 years ago	Android Security Updates Patch 3 Exploited Vulnerabilities