CVE-2024-7971
Published Aug 21, 2024
Last updated 3 months ago
AI description
CVE-2024-7971 is a type confusion vulnerability found in the V8 JavaScript and WebAssembly engine within Google Chrome versions prior to 128.0.6613.84. This flaw allows a remote attacker to potentially exploit heap corruption through a crafted HTML page. The vulnerability stems from the Liftoff compiler's handling of loop structures during WebAssembly (WASM) JIT compilation, where it doesn't enforce strict type checks, potentially leading to memory corruption. It has been reported that this vulnerability has been exploited in the wild.
- Description
- Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- Source
- chrome-cve-admin@google.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 9.6
- Impact score
- 6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Google Chromium V8 Type Confusion Vulnerability
- Exploit added on
- Aug 26, 2024
- Exploit action due
- Sep 16, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
2025-04-13 の人気記事はコチラでした。(自動ツイート) #Hacker_Trends ――― CVE-2024-7971/poc.js at main · mistymntncop/CVE-2024-7971 · GitHub https://t.co/cFDt3drj5N https://t.co/CWCx7fASTs
@motikan2010
14 Apr 2025
144 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
My writeup for CVE-2024-7971. Just a POC. Let me know if u have any questions. https://t.co/dAEjUYoPls
@mistymntncop
12 Apr 2025
9392 Impressions
38 Retweets
164 Likes
86 Bookmarks
6 Replies
1 Quote
CVE-2024-7971、KEVあるんか
@abdda149
9 Mar 2025
16 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2024-50379 2 - CVE-2024-38200 3 - CVE-2024-12856 4 - CVE-2023-48788 5 - CVE-2024-7971 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
30 Dec 2024
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Version 124.0.6327.3 is significantly outdated. https://t.co/zy62zi4JHz CVE-2024-4058: A critical type confusion vulnerability in ANGLE (WebGL component) that could allow heap corruption exploitation through crafted HTML pages. CVE-2024-7971: A high-severity type confusion in…
@gnukeith
24 Dec 2024
1226 Impressions
3 Retweets
33 Likes
4 Bookmarks
2 Replies
1 Quote
North Korean hackers exploit Chrome zero-day to deploy rootkit North Korean hackers have exploited a recently patched Google Chrome zero-day (CVE-2024-7971) to deploy the FudModule rootkit after gaining SYSTEM privileges using a Windows Kernel exploit.... https://t.co/IcYuqpf5zq
@SecurityAid
13 Dec 2024
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 #Google #Chrome, Type Confusion Vulnerability, #CVE-2024-7971 (Critical) - Critical https://t.co/aIw2VP7zR2
@dailycve
27 Nov 2024
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-7971
@transilienceai
24 Nov 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Zero-Day Alert! 🚨North Korean threat actor Citrine Sleet is back, exploiting a zero-day vulnerability (CVE-2024-7971) in Chromium, targeting #Cryptocurrency institutions.💰 Book your #Demo now: https://t.co/lGRc2vih4Q https://t.co/yO6eYeNAIK
@Akitra_Inc
21 Oct 2024
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DAE0C7AB-1D61-4449-BC82-915B019F311F",
"versionEndExcluding": "128.0.6613.84"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B3C4915-21C5-4DB1-8791-EB3AEB04A654",
"versionEndExcluding": "128.0.2739.42"
}
],
"operator": "OR"
}
]
}
]