✅ Report Title:
Quick Overview of Google Chrome Type Confusion Vulnerability
✅ Executive Summary:
- Date: August 21, 2024 - Google Chrome vulnerability CVE-2024-7971 received an urgent patch.
- Affected Versions: This vulnerability impacts versions below Chrome 128.0.6613.84 on Linux and 128.0.6613.84/.85 on Windows and Mac.
- Severity: The vulnerability was rated 8.8 (HIGH) according to CVSS 3.1 and was patched on August 21, 2024.
- Exploitation Alert: Evidence on August 21, 2024, confirmed that this vulnerability was exploited by Citrine Sleet, a threat group associated with the North Korean APT group Lazarus. Immediate countermeasures are advised.
📌 What is the status of attacks exploiting the vulnerability?
- Incident Date: August 13, 2024 - Citrine Sleet exploited this vulnerability, linked to Lazarus, to conduct attacks.
- Attack Details: Citrine Sleet executed arbitrary code within the Chromium renderer process using this vulnerability. They also leveraged Windows Kernel vulnerability CVE-2024-38106 for sandbox escape and privilege escalation, ultimately deploying the FudModule rootkit.
📌 What is the cause of the vulnerability?
- Vulnerability Type: This is a Type Confusion vulnerability in Google Chrome's V8 engine, specifically within the Liftoff compiler during WebAssembly (WASM) JIT compilation.
- Technical Details: When Liftoff compiles a loop, it temporarily clears registers to make room for new values but does not strictly check the type of the value a register then holds. Because the type tracking is loosened inside loops, a mismatched type can lead to memory corruption.
✅ Recommended Threat Detection and Mitigation Actions:
- Threat Detection: Update detection rules, maintain continuous monitoring, and ensure the application of the latest security patches.
- Patch Application: Install the updated, secure version of Chrome:
> Linux: Chrome 128.0.6613.84 or higher
> Windows/Mac: Chrome 128.0.6613.84/.85 or higher
- Further Analysis and Support: For detailed analysis and mitigation steps, please refer to the support link provided below.
- Alternative Measures: If patching is not possible, follow the provided security mitigation procedures.
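To turn the version thresholds above into a check an administrator can run against a fleet inventory, here is an added Python example; it is not part of the S2W report. The thresholds are the minimum patched builds the report states; everything else (the inventory rows, hostnames and version strings, the helper names `extract_version`, `parse_version`, `normalize_platform`, `is_patched`, `assess_inventory`) is constructed for illustration.

```python
"""Fleet check for CVE-2024-7971: flag Chrome installs below the patched build.

Added example. The thresholds come from the advisory above; the inventory
rows and hostnames are constructed for illustration.
"""
import re
from typing import Dict, Iterable, List, Tuple

# Minimum patched builds stated in the advisory. Windows and macOS shipped
# both .84 and .85, so .84 is the lowest build that carries the fix there.
MIN_PATCHED: Dict[str, Tuple[int, ...]] = {
    "linux": (128, 0, 6613, 84),
    "windows": (128, 0, 6613, 84),
    "mac": (128, 0, 6613, 84),
}

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")


def extract_version(text: str) -> str:
    """Pull the four-part Chrome version out of free text such as the
    output of `google-chrome --version` ("Google Chrome 128.0.6613.84")."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no Chrome version found in {text!r}")
    return ".".join(m.groups())


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn "128.0.6613.84" into (128, 0, 6613, 84) so that tuple comparison
    orders builds numerically rather than as strings ("9" < "10")."""
    parts = version.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected Chrome version string: {version!r}")
    return tuple(int(p) for p in parts)


def normalize_platform(platform: str) -> str:
    """Map common OS spellings onto the advisory's three platform buckets."""
    p = platform.strip().lower()
    if p.startswith("win"):
        return "windows"
    if p in ("mac", "macos", "darwin", "osx", "os x"):
        return "mac"
    if p.startswith("linux"):
        return "linux"
    raise ValueError(f"unknown platform: {platform!r}")


def is_patched(version: str, platform: str) -> bool:
    """True when the installed build is at or above the patched build."""
    return parse_version(version) >= MIN_PATCHED[normalize_platform(platform)]


def assess_inventory(rows: Iterable[Tuple[str, str, str]]) -> Dict[str, List[str]]:
    """Bucket hosts into patched / vulnerable / unknown.

    Hosts whose platform or version cannot be parsed land in 'unknown' so
    that a malformed inventory record is surfaced rather than silently
    counted as safe.
    """
    result: Dict[str, List[str]] = {"patched": [], "vulnerable": [], "unknown": []}
    for host, platform, version in rows:
        try:
            bucket = "patched" if is_patched(version, platform) else "vulnerable"
        except ValueError:
            bucket = "unknown"
        result[bucket].append(host)
    return result


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    ("ws-01", "Windows", "127.0.6533.120"),   # pre-128 build: vulnerable
    ("ws-02", "macOS", "128.0.6613.85"),      # patched .85 build
    ("build-07", "linux", "128.0.6613.84"),   # exactly the patched build
    ("ws-03", "windows", "128.0.6533.100"),   # 128 branch, but an older build
    ("kiosk-9", "linux", "unknown"),          # agent failed to report a version
]

if __name__ == "__main__":
    for bucket, hosts in assess_inventory(SAMPLE_INVENTORY).items():
        print(f"{bucket:10s} {', '.join(hosts) or '-'}")
```

The comparison is done on integer tuples rather than strings so that a build such as 128.0.6533.100 is correctly ranked below 128.0.6613.84 even though it sits on the same major branch. Records that cannot be parsed are reported separately instead of being treated as patched, which is the failure mode a fleet report should never hide.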
🧑‍💻 Report Author: S2W TALON
👉 Contact Us: https://s2w.inc/contact