Bug 1215349

Summary: VUL-0: CVE-2023-4863: dssim: Heap buffer overflow in WebP
Product: [openSUSE] openSUSE Tumbleweed Reporter: Carlos López <carlos.lopez>
Component: SecurityAssignee: Martin Hauke <mardnh>
Status: NEW --- QA Contact: Security Team bot <security-team>
Severity: Critical    
Priority: P3 - Medium CC: Andreas.Stieger, gianluca.gabrielli, gmbr3, gnome-bugs, jengelh, m.szczepaniak.000, martin.sirringhaus, meissner, security-team, wolfgang, xiaoguang.wang
Version: Current   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/377966/
Whiteboard:
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Bug Depends on: 1215231    
Bug Blocks:    

Description Carlos López 2023-09-14 12:45:46 UTC 
+++ This bug was initially created as a clone of Bug #1215231 +++

CVE-2023-4863

The Stable and Extended stable channels has been updated to 116.0.5845.187 for Mac and Linux and 116.0.5845.187/.188 for Windows, which will roll out over the coming days/weeks. A full list of changes in this build is available in the log.

This update includes 1 security fix. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

CVE-2023-4863: Heap buffer overflow in WebP. Reported by Apple Security Engineering and Architecture (SEAR) and The Citizen Lab at The University of Torontoʼs Munk School on 2023-09-06

Google is aware that an exploit for CVE-2023-4863 exists in the wild.

Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=1479274

References:
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4863
https://bugzilla.redhat.com/show_bug.cgi?id=2238431
Comment 1 Carlos López 2023-09-14 12:47:32 UTC 
openSUSE:Factory/dssim embeds libwebp-sys2, which links against an embedded version of libwebp that is vulnerable.