What is CVE-2023-2134?

CVE-2023-2134 is a vulnerability that involves out of bounds memory access in the Service Worker API in Google Chrome.

What is the severity of CVE-2023-2134?

The severity of CVE-2023-2134 is high, with a severity value of 8.8.

How does CVE-2023-2134 impact Microsoft Edge (Chromium-based)?

Microsoft Edge (Chromium-based) is affected by CVE-2023-2134 and users should update to version 112.0.5615.137 or later to mitigate the vulnerability.

How does CVE-2023-2134 impact Google Chrome?

Google Chrome versions prior to 112.0.5615.137 are affected by CVE-2023-2134 and users should update to the latest version to address the vulnerability.

What is the remedy for CVE-2023-2134 in Debian Debian Linux?

Debian Debian Linux users should apply the remedy versions 116.0.5845.180-1~deb11u1, 119.0.6045.123-1~deb11u1, 116.0.5845.180-1~deb12u1, 119.0.6045.123-1~deb12u1, 119.0.6045.105-1, or 119.0.6045.123-1 of the Chromium package to fix CVE-2023-2134.

Vulnerability/
CVE-2023-2134

high

8.8

CWE

787

30/3/2023

19/4/2023

7/10/2024

CVE-2023-2134: Out of bounds memory access in Service Worker API

First published: Thu Mar 30 2023(Updated: )

<p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2023">Google Chrome Releases</a> for more information.</p>

Credit: Rong Jian VRI chrome-cve-admin@google.com chrome-cve-admin@google.com

Affected Software	Affected Version	How to fix
Microsoft Edge (Chromium-based)		fix available externally
Microsoft Edge	<112.0.1722.58
Google Chrome	<112.0.5615.137
Debian Debian Linux	=11.0
Fedoraproject Fedora	=36
Fedoraproject Fedora	=37
Fedoraproject Fedora	=38
debian/chromium	<=90.0.4430.212-1~deb10u1	116.0.5845.180-1~deb11u1 119.0.6045.123-1~deb11u1 116.0.5845.180-1~deb12u1 119.0.6045.123-1~deb12u1 119.0.6045.105-1 119.0.6045.123-1
Google Chrome	<112.0.5615.137	112.0.5615.137

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

2950018165594373010

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

What is CVE-2023-2134?
CVE-2023-2134 is a vulnerability that involves out of bounds memory access in the Service Worker API in Google Chrome.
What is the severity of CVE-2023-2134?
The severity of CVE-2023-2134 is high, with a severity value of 8.8.
How does CVE-2023-2134 impact Microsoft Edge (Chromium-based)?
Microsoft Edge (Chromium-based) is affected by CVE-2023-2134 and users should update to version 112.0.5615.137 or later to mitigate the vulnerability.
How does CVE-2023-2134 impact Google Chrome?
Google Chrome versions prior to 112.0.5615.137 are affected by CVE-2023-2134 and users should update to the latest version to address the vulnerability.
What is the remedy for CVE-2023-2134 in Debian Debian Linux?
Debian Debian Linux users should apply the remedy versions 116.0.5845.180-1~deb11u1, 119.0.6045.123-1~deb11u1, 116.0.5845.180-1~deb12u1, 119.0.6045.123-1~deb12u1, 119.0.6045.105-1, or 119.0.6045.123-1 of the Chromium package to fix CVE-2023-2134.

collector/msrc
collector/msrc-cve
collector/security-tracker-debian
agent/type
agent/softwarecombine
agent/first-publish-date
collector/nvd-index
agent/software-canonical-lookup-request
agent/title
agent/author
agent/severity
agent/weakness
agent/references
collector/chrome-releases
agent/software-canonical-lookup
agent/description
agent/tags
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
collector/nvd-api
source/NVD
vendor/microsoft
canonical/microsoft edge
package-manager/debian
vendor/google
canonical/google chrome
vendor/debian
canonical/debian debian linux
version/debian debian linux/11.0
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/36
version/fedoraproject fedora/37
version/fedoraproject fedora/38
canonical/microsoft edge (chromium-based)