In its most recent update, Chrome has addressed a total of seven security bugs. Among them is CVE-2023-6345, which stands as the only zero-day vulnerability. In the update, Google acknowledged that “an exploit for CVE-2023-6345 exists in the wild.” This marks the seventh zero-day vulnerability Chrome has tackled since the beginning of the year, as reported by The Hacker News.
Zero-day vulnerabilities pose a significant threat because they are security flaws that attackers can exploit before developers can release a fix. This leaves organizations exposed and without the preparation time they need to protect their systems. The complexity required for their discovery makes these vulnerabilities rare and valuable to attackers. Cybersecurity efforts are concentrated on rapid detection and collaborative actions to mitigate the impact of such threats.
Google has confirmed the presence of a zero-day exploit for CVE-2023-6345, initially identified by Google’s Threat Analysis Group on November 24, 2023. The company has exercised caution in sharing details about this specific flaw. It is common practice among tech companies, especially when they identify a flaw internally, to withhold details from the public. While specifics about CVE-2023-6345 are limited, we know it is an integer overflow weakness affecting Skia, the open-source 2D graphics library within the Chrome graphics engine. Google’s update to Chrome notes that the exploit could “potentially perform a sandbox escape via a malicious file.”
Chrome zero-day vulnerability CVE-2023-6345 has a security severity of High
Let’s break down what all this means. Chrome uses Skia, a 2D graphics library, to render web graphics. It’s the software behind Chrome’s visual components, significantly contributing to the display of graphics.
Integer overflows occur when an arithmetic operation on integers produces a result beyond the maximum representable value for the data type, potentially leading to unpredictable behavior and posing security risks. Exploiting such weaknesses can result in serious consequences, including buffer overflows, memory corruption, and other security issues. Hence, guarding against integer overflow is a routine part of software development to ensure the security of applications.
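The class of bug described above, as an added example that is not from the original article and is neither Skia's code nor the CVE-2023-6345 flaw itself: a pixel-buffer size computed in 32-bit arithmetic wraps to a small value, shown beside a checked version that rejects the input. The function names, the sample dimensions and the 256 MiB cap are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed policy cap on a single image buffer (illustrative value). */
#define MAX_IMAGE_BYTES ((uint64_t)256 * 1024 * 1024)

/* Unchecked: unsigned 32-bit multiplication wraps modulo 2^32, so the
 * result can be far smaller than the number of bytes actually needed. */
uint32_t size_unchecked(uint32_t w, uint32_t h, uint32_t bpp) {
    return w * h * bpp;
}

/* Checked: widen to 64 bits, test each step, and enforce the cap. */
bool size_checked(uint32_t w, uint32_t h, uint32_t bpp, size_t *out) {
    if (w == 0 || h == 0 || bpp == 0) return false;
    uint64_t pixels = (uint64_t)w * h;            /* (2^32-1)^2 fits in 64 bits */
    if (pixels > UINT64_MAX / bpp) return false;  /* pixels * bpp would wrap */
    uint64_t bytes = pixels * bpp;
    if (bytes > MAX_IMAGE_BYTES) return false;    /* larger than policy allows */
    *out = (size_t)bytes;
    return true;
}

/* Allocates a zeroed pixel buffer only when the size can be trusted. */
uint8_t *alloc_pixels(uint32_t w, uint32_t h, uint32_t bpp) {
    size_t n;
    if (!size_checked(w, h, bpp, &n)) return NULL;
    return calloc(n, 1);
}

int main(void) {
    /* Constructed header values: 65536 x 65537 pixels, 4 bytes per pixel. */
    uint32_t w = 65536, h = 65537, bpp = 4;
    size_t n = 0;
    printf("true size:      %llu bytes\n",
           (unsigned long long)w * h * bpp);
    printf("unchecked size: %u bytes\n", (unsigned)size_unchecked(w, h, bpp));
    printf("checked result: %s\n",
           size_checked(w, h, bpp, &n) ? "accepted" : "rejected");
    return 0;
}
```

A buffer allocated from the unchecked size and then filled row by row according to the declared dimensions is written past its end, which is how an arithmetic wrap becomes the memory corruption the paragraph mentions.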
The exploit for CVE-2023-6345 used an integer overflow in Skia to potentially breach the sandbox. A sandbox is a protective mechanism designed to confine web content within a restricted environment, preventing access to sensitive system resources. The method of exploitation involved a malicious file, indicating that interacting with this file could enable an attacker to execute code or actions beyond the sandbox. Any access to data beyond the scope of what Chrome intends is a significant threat. CVE-2023-6345 has a security severity of High.