integer overflow

Google Chrome Skia Integer Overflow Vulnerability (CVS 2023-2136) Notice

April 24, 2023

Overview Recently, NSFOCUS CERT found that Google officially fixed an integer overflow vulnerability in Chrome Skia (CVE-2023-2136). Due to a flaw in Skia, when the value exceeds the maximum limit of integer type due to arithmetic operations, an integer overflow will occur. The attacker triggers this vulnerability by inducing users to open a specially crafted […]


Subscribe to the NSFOCUS Blog