Zero Science Lab » Google Chrome Browser 111.0.5563.64 AXPlatformNodeCocoa Fatal OOM/Crash (macOS)

Google Chrome Browser 111.0.5563.64 AXPlatformNodeCocoa Fatal OOM/Crash (macOS)

Title: Google Chrome Browser 111.0.5563.64 AXPlatformNodeCocoa Fatal OOM/Crash (macOS)
Advisory ID: ZSL-2023-5770
Type: Local
Impact: DoS
Risk: (3/5)
Release Date: 11.04.2023

Summary

Google Chrome browser is a free web browser used for accessing the internet and running web-based applications. The Google Chrome browser is based on the open source Chromium web browser project. Google released Chrome in 2008 and issues several updates a year.

Description

Fatal OOM/crash of Chrome browser while detaching/attaching tabs on macOS.

Vendor

Google LLC - https://www.google.com

Affected Version

111.0.5563.64 (Official Build) (x86_64)
110.0.5481.100 (Official Build) (x86_64)
108.0.5359.124 (Official Build) (x86_64)
108.0.5359.98 (Official Build) (x86_64)

Tested On

macOS 12.6.1 (Monterey)
macOS 13.3.1 (Ventura)

Vendor Status

[08.12.2022] Vulnerability discovered.
[13.12.2022] Contact with the vendor, ticket 1400682 created.
[13.12.2022] Vendor begins investigation.
[10.04.2023] Vendor releases version 112.0.5615.49 to address this issue.
[11.04.2023] Public security advisory released.

PoC

google_chrome_oom.txt

Credits

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>

References

[1] https://bugs.chromium.org/p/chromium/issues/detail?id=1400682
[2] https://chromium-review.googlesource.com/c/chromium/src/+/3861171
[3] https://www.exploit-db.com/exploits/51361
[4] https://packetstormsecurity.com/files/171829/

Changelog

[11.04.2023] - Initial release
[20.04.2023] - Added reference [1] and [2]

Contact

Zero Science Lab

Web: https://www.zeroscience.mk
e-mail: lab@zeroscience.mk