CVE-2024-3839 - Out of Bounds Read in Fonts in Google Chrome Leading to Potential Information Disclosure
Google Chrome is undoubtedly the go-to web browser for many internet users due to its impressive speed, compatibility, and extensive library of extensions. However, like any other software, Chrome may contain vulnerabilities that lead to security issues such as information disclosure. In this post, we'll discuss CVE-2024-3839, an out of bounds read in fonts in Google Chrome prior to 124.0.6367.60 that allowed a remote attacker to acquire potentially sensitive data from process memory via a maliciously crafted HTML page.
What is CVE-2024-3839?
CVE-2024-3839 is a medium-severity vulnerability in the Chromium open-source browser engine that powers Google Chrome. The flaw is an out of bounds read in the font handling of Chrome versions before 124.0.6367.60. By exploiting it, a remote attacker can read sensitive information from the process memory of a user's device by tricking the victim into visiting a specially engineered HTML page.
Exploit Details
To exploit this vulnerability, a remote attacker can create a malicious HTML page containing specially crafted font files. By convincing the user to visit this page, the attacker can trigger an out of bounds read in Chrome's font handling mechanism, allowing access to potentially sensitive information stored in process memory. The acquired information can be used by the attacker to conduct further attacks or obtain insights about the user's device, hardware, and software configurations.
Below is a simple code snippet illustrating what such a malicious HTML page might look like:

<!DOCTYPE html>
<html>
  <head>
    <style>
      @font-face {
        font-family: 'MaliciousFont';
        src: url('malicious-font-file.woff2') format('woff2');
      }
    </style>
  </head>
  <body>
    <p style="font-family: MaliciousFont;">
      This text uses the malicious font, potentially causing an out of bounds read in Google Chrome.
    </p>
  </body>
</html>
In the given example, the attacker prepares a custom font file (malicious-font-file.woff2) which exploits the vulnerability in Chrome's font handling process. When the victim visits the crafted HTML page, the styled paragraph with the malicious font triggers the out of bounds read, allowing the attacker to extract sensitive information from the process memory.
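The underlying bug class here is a parser that trusts length and offset fields read from the font file itself. The following is an added, illustrative example (not Chrome's code and not the actual fix for CVE-2024-3839): a minimal validator for the fixed-size WOFF2 header, laid out per the W3C WOFF2 specification, that checks every offset/length pair against the real buffer size before anything indexes into it. The sample font bytes are constructed, not taken from a real font.

```python
import struct

WOFF2_SIGNATURE = 0x774F4632               # ASCII 'wOF2'
HEADER_FMT = ">IIIHHIIHHIIIII"             # big-endian, per the WOFF2 spec
HEADER_SIZE = struct.calcsize(HEADER_FMT)  # 48 bytes


def validate_woff2_header(data: bytes) -> list[str]:
    """Return a list of findings; an empty list means the header's
    offsets and lengths all fit inside the buffer actually received."""
    actual = len(data)
    if actual < HEADER_SIZE:
        return [f"truncated: {actual} bytes, need {HEADER_SIZE} for header"]
    (sig, _flavor, length, num_tables, reserved, _sfnt_size, comp_size,
     _major, _minor, meta_off, meta_len, _meta_orig, priv_off, priv_len) = \
        struct.unpack_from(HEADER_FMT, data, 0)
    findings = []
    if sig != WOFF2_SIGNATURE:
        findings.append("bad signature (not 'wOF2')")
    if length != actual:
        findings.append(f"declared length {length} != actual size {actual}")
    if reserved != 0:
        findings.append("reserved field must be zero")
    if num_tables == 0:
        findings.append("numTables is zero")
    # Compressed table data lives after the header, so it can never be
    # larger than the bytes that follow the header.
    if comp_size > actual - HEADER_SIZE:
        findings.append(f"totalCompressedSize {comp_size} exceeds buffer")
    # Each (offset, length) pair is checked against the *actual* size, and
    # written as 'len > actual - off' so that off + len cannot wrap around
    # the way 32-bit arithmetic in a native parser would.
    for name, off, ln in (("metadata", meta_off, meta_len),
                          ("private", priv_off, priv_len)):
        if ln and (off > actual or ln > actual - off):
            findings.append(f"{name} block [{off}, {off}+{ln}) exceeds buffer of {actual}")
    return findings


def make_sample(length, meta_off=0, meta_len=0, priv_off=0, priv_len=0, comp_size=0):
    """Build a constructed WOFF2 header (flavor 0x00010000, one table) padded
    with zeros to the declared total length; used only for the samples below."""
    hdr = struct.pack(HEADER_FMT, WOFF2_SIGNATURE, 0x00010000, length, 1, 0,
                      0, comp_size, 1, 0, meta_off, meta_len, 0, priv_off, priv_len)
    return hdr + b"\x00" * (length - HEADER_SIZE)


GOOD_SAMPLE = make_sample(64, meta_off=48, meta_len=16)          # fits exactly
BAD_SAMPLE = make_sample(64, meta_off=48, meta_len=4096)         # claims 4 KiB past the end
WRAP_SAMPLE = make_sample(64, priv_off=0xFFFFFFF0, priv_len=0x20)  # off+len wraps in 32 bits
```

In a memory-unsafe parser, the slice that `BAD_SAMPLE` or `WRAP_SAMPLE` asks for would be read from whatever follows the font in process memory, which is exactly the information disclosure this class of bug produces; the validator rejects both before any such read happens.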
Mitigation
The vulnerability was addressed in Google Chrome version 124.0.6367.60. Users are strongly advised to update their browser to the latest version to avoid falling victim to this exploit. You can update your Chrome by following these steps:
Links to Original References
- Chrome Releases: Stable Channel Update for Desktop
- Chromium Issue Tracker: Fonts - Out of Bounds Read
Conclusion
In summary, CVE-2024-3839 is an out of bounds read vulnerability in fonts in Google Chrome that can be exploited through a malicious HTML page. Although the flaw has a medium severity rating, it could result in sensitive information disclosure. Users are advised to update their browser to the latest version to stay protected against such exploits.
Timeline
Published on: 04/17/2024 08:15:10 UTC
Last modified on: 05/03/2024 04:15:09 UTC