Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html https://issues.chromium.org/issues/337766133
Created chromium tracking bugs for this issue: Affects: epel-all [bug 2279690] Affects: fedora-all [bug 2279691]
Fixed in WebKitGTK by https://github.com/WebKit/WebKit/commit/9d7ec80f78039e6646fcfc455ab4c05aa393f34c (Cherry-pick ANGLE upstream commit 1bb1ee061fe0bce322fb93b447a72e72c993a1f2)
This flaw also affects WebKitGTK: https://webkitgtk.org/security/WSA-2024-0004.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:8492 https://access.redhat.com/errata/RHSA-2024:8492
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2024:8496 https://access.redhat.com/errata/RHSA-2024:8496