Skip to main content
Skip table of contents

ISN 2023-24: Chromium Vulnerability

Updated 24 October 2023 (OS 11.09.110 available)

First published 13 October 2023

CVSS 3.1: 8.8 (High)

CVSS:3.1 /AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A security vulnerability has been found in the Chromium web browser. This affects the following IGEL products:

  • IGEL OS 12
  • IGEL OS 11

Details

Google has reported a high vulnerability in Chromium (CVE-2023-5218). It is a use-after-free in the Site Isolation component, which could enable an attacker to execute arbitrary code via a crafted HTML page.

Update Instructions

  • OS 12: IGEL is preparing an updated Chromium app for OS 12.
  • OS 11: Update to IGEL OS 11.09.110 or newer.

References

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.