CVE-2020-6418: Google Chrome Type Confusion Vulnerability Exploited in the Wild

Google is aware of reports that a type confusion flaw in Google Chrome has been exploited in the wild.

背景

On February 24, Google released a new stable channel update for Google Chrome for Desktop to address several vulnerabilities, including one that has been reportedly exploited in the wild.

分析

CVE-2020-6418 is a type confusion vulnerability in V8, Google Chrome’s open-source JavaScript and WebAssembly engine. It was discovered and reported by Clément Lecigne, security engineer of Google’s Threat Analysis Group (TAG). Last year, Lecigne was credited with finding and reporting CVE-2019-5786, a use-after-free vulnerability in Google Chrome that was also exploited in the wild.

Google says it’s “aware of reports that an exploit” for this flaw “exists in the wild,” implying this may have been exploited as a zero-day.

Detailed information about the vulnerability is restricted at this time. Further information about this vulnerability may become available in the future, after users have had time to apply patches. We will update this blog post if and when this information becomes available.

概念验证

While this vulnerability has been exploited in the wild, at the time this blog post was published, there was no public proof-of-concept available.

解决方案

Google released Chrome version 80.0.3987.122 for Windows, Mac and Linux to address CVE-2020-6418. Google also patched two additional vulnerabilities in this release, including CVE-2020-6407, an out-of-bounds memory access vulnerability and an integer overflow vulnerability that does not have an associated CVE identifier.

识别受影响的系统

用于识别这些漏洞的 Tenable 插件列表在发布时将显示在此处。

获取更多信息

• Stable Channel Update for Google Chrome (80.0.3987.122)

加入 Tenable Community 中的 Tenable 安全响应团队

了解有关 Tenable 这款首创 Cyber Exposure 平台的更多信息，全面管理现代攻击面。

获取 30 天免费试用版 Tenable.io Vulnerability Management。