CVE-2024-21640 - Vulnerability Details - OpenCVE

Chromium Embedded Framework (CEF) is a simple framework for embedding Chromium-based browsers in other applications.`CefVideoConsumerOSR::OnFrameCaptured` does not check `pixel_format` properly, which leads to out-of-bounds read out of the sandbox. This vulnerability was patched in commit 1f55d2e.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Chromiumembedded	Chromium Embedded Framework

Configuration 1 [-]

cpe:2.3:a:chromiumembedded:chromium_embedded_framework:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/chromiumembedded/cef/commit/1f55d2e12f62cfdfbf9da6968fde2f928982670b
https://github.com/chromiumembedded/cef/security/advisories/GHSA-3h3j-38xq-v7hh

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-01-13T07:40:10.324Z

Updated: 2024-08-01T22:27:35.810Z

Reserved: 2023-12-29T03:00:44.957Z

Link: CVE-2024-21640

Vulnrichment

No data.

NVD

Status : Modified

Published: 2024-01-13T08:15:07.340

Modified: 2024-11-21T08:54:46.913

Link: CVE-2024-21640

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-21640", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-12-29T03:00:44.957Z", "datePublished": "2024-01-13T07:40:10.324Z", "dateUpdated": "2024-08-01T22:27:35.810Z"}, "containers": {"cna": {"title": "OOB Access in CefVideoConsumerOSR::OnFrameCaptured", "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "lang": "en", "description": "CWE-125: Out-of-bounds Read", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/chromiumembedded/cef/security/advisories/GHSA-3h3j-38xq-v7hh", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/chromiumembedded/cef/security/advisories/GHSA-3h3j-38xq-v7hh"}, {"name": "https://github.com/chromiumembedded/cef/commit/1f55d2e12f62cfdfbf9da6968fde2f928982670b", "tags": ["x_refsource_MISC"], "url": "https://github.com/chromiumembedded/cef/commit/1f55d2e12f62cfdfbf9da6968fde2f928982670b"}], "affected": [{"vendor": "chromiumembedded", "product": "cef", "versions": [{"version": "< commit 1f55d2e", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-01-13T07:40:10.324Z"}, "descriptions": [{"lang": "en", "value": "Chromium Embedded Framework (CEF) is a simple framework for embedding Chromium-based browsers in other applications.`CefVideoConsumerOSR::OnFrameCaptured` does not check `pixel_format` properly, which leads to out-of-bounds read out of the sandbox. This vulnerability was patched in commit 1f55d2e.\n\n"}], "source": {"advisory": "GHSA-3h3j-38xq-v7hh", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:27:35.810Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/chromiumembedded/cef/security/advisories/GHSA-3h3j-38xq-v7hh", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/chromiumembedded/cef/security/advisories/GHSA-3h3j-38xq-v7hh"}, {"name": "https://github.com/chromiumembedded/cef/commit/1f55d2e12f62cfdfbf9da6968fde2f928982670b", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/chromiumembedded/cef/commit/1f55d2e12f62cfdfbf9da6968fde2f928982670b"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:chromiumembedded:chromium_embedded_framework:*:*:*:*:*:*:*:*", "matchCriteriaId": "3DDE5170-AEB5-4EB6-B436-9634C0190E6A", "versionEndExcluding": "2024-01-05", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Chromium Embedded Framework (CEF) is a simple framework for embedding Chromium-based browsers in other applications.`CefVideoConsumerOSR::OnFrameCaptured` does not check `pixel_format` properly, which leads to out-of-bounds read out of the sandbox. This vulnerability was patched in commit 1f55d2e.\n\n"}, {"lang": "es", "value": "Chromium Embedded Framework (CEF) es un framework simple para incrustar navegadores basados en Chromium en otras aplicaciones. `CefVideoConsumerOSR::OnFrameCaptured` no verifica `pixel_format` correctamente, lo que lleva a lecturas fuera de los l\u00edmites fuera de la sandbox. Esta vulnerabilidad fue parcheada en el commit 1f55d2e."}], "id": "CVE-2024-21640", "lastModified": "2024-11-21T08:54:46.913", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 5.8, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-01-13T08:15:07.340", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/chromiumembedded/cef/commit/1f55d2e12f62cfdfbf9da6968fde2f928982670b"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/chromiumembedded/cef/security/advisories/GHSA-3h3j-38xq-v7hh"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/chromiumembedded/cef/commit/1f55d2e12f62cfdfbf9da6968fde2f928982670b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/chromiumembedded/cef/security/advisories/GHSA-3h3j-38xq-v7hh"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "security-advisories@github.com", "type": "Secondary"}]}