CVE-2018-6158 Information

Description

A race condition in Oilpan in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Reference

http://www.securityfocus.com/bid/104887 https://access.redhat.com/errata/RHSA-2018:2282 https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html https://crbug.com/841280 https://security.gentoo.org/glsa/201808-01 https://www.debian.org/security/2018/dsa-4256

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.5