V8 CVE clarification


Meir Shpilraien
Mar 12, 2023, 4:43:52 AM
to v8-dev
Hello v8-dev,

I saw some CVE descriptions which look like this:

Type confusion in V8 in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

I tried to find more specific information about such CVEs, but it seems such information is not public. I want to know whether pure V8 is exposed to such CVEs, or whether it is only exposed through the integration with Chromium?

I am asking because I want to estimate how much I am exposed to such CVEs, assuming my application only embeds V8.

I took the CVE list from here:
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=v8

Thanks,
Meir

Ben Noordhuis
Mar 12, 2023, 6:56:30 AM
to v8-...@googlegroups.com
Type confusion is (to the best of my knowledge) always a bug in V8. If
you are executing untrusted JS code, then your application is likely
affected.

The CVE you used as an example is CVE-2023-1214 and was a bug in V8's
serializer. If you don't use that, you're _probably_ not affected -
but why take chances?

Guy Korland
Mar 12, 2023, 7:27:10 AM
to v8-dev
Why does it say in the title of the CVE "via a crafted HTML page"?

guest271314
Mar 12, 2023, 11:10:50 AM
to v8-...@googlegroups.com
Good question. There is a list of recent CVEs here: https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html. What does "Insufficient policy enforcement in Extensions API." mean?

v8-dev mailing list
v8-...@googlegroups.com
http://groups.google.com/group/v8-dev