First published: Sat Nov 04 2023(Updated: )
Chromium: CVE-2023-6112 Use after free in Navigation
Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Credit: firstname.lastname@example.org Sergei Glazunov Google Project Zero
|Affected Software||Affected Version||How to fix|
|Microsoft Edge (Chromium-based)|
|Microsoft Edge (Chromium-based) Extended Stable|
|Debian Debian Linux||=11.0|
|Debian Debian Linux||=12.0|
(Appears in the following advisories)
(Found alongside the following vulnerabilities)
CVE-2023-6112 is a vulnerability in Google Chrome that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2023-6112 has a severity rating of High (8.8).
Microsoft Edge (Chromium-based) versions prior to 119.0.2151.72 and Google Chrome versions prior to 119.0.6045.159 are affected by CVE-2023-6112.
To fix CVE-2023-6112 in Microsoft Edge, update to version 119.0.2151.72 or later.
To fix CVE-2023-6112 in Google Chrome, update to version 119.0.6045.159 or later.