A newly discovered vulnerability, CVE-2023-4863, poses a significant threat to the security of Internet users worldwide. This heap buffer overflow in the WebP image format is utilized by popular web browsers like Google Chrome and Mozilla Firefox. In this article, we delve into the details of this vulnerability and its implications.
What Happened:
The Vulnerable Function:
At the heart of CVE-2023-4863 is the “BuildHuffmanTable” function, introduced in 2014. It plays a crucial role in ensuring data accuracy.
Exploitation Potential:
Stack Diary highlights that overflowing a buffer can lead to the overwriting of critical data or instructions, benefiting potential attackers. When a program possesses a heap buffer overflow vulnerability, specially crafted data can cause it to behave unpredictably. This can result in malicious code execution or unauthorized system access.
Codec’s Role Explained:
Stack Diary analogizes a codec to a translator for WebP images, be it in JPEG or PNG format. A heap buffer overflow in this codec could enable attackers to craft malicious WebP images that, when viewed, exploit the vulnerability to compromise or steal information from your computer.
Who Is Affected by the WebP Vulnerability (CVE-2023-4863):
The impact of this discovered exploit extends beyond Chromium-based web browsers, affecting any software employing the libwebp library. This encompasses Electron-based applications, such as Signal, as well as a multitude of other applications like Affinity, Gimp, Inkscape, LibreOffice, Telegram, Thunderbird, ffmpeg, various Android applications, and cross-platform apps created with Flutter.
Who Has Released Updates Addressing the WebP Vulnerability (CVE-2023-4863):
Several browsers and software developers have taken swift action to mitigate this vulnerability:
Browsers:
- Google Chrome
- Mozilla Firefox
- Brave
- Microsoft Edge
Software:
- Electron (GitHub’s framework)
- Honeyview (image viewing)
- Thunderbird (email client)
- 1Password (password manager)
NIX Solutions reminds to ensure that their browsers are updated to the latest versions to benefit from these crucial security patches.