Exploits & CVE's

Chrome SKIA Integer Overflow

Authored by Google Security Research, Mark Brand

When deserializing an SkPath, there is some basic validation performed to ensure that the contents are consistent. This validation does not use safe integer types, or perform additional validation, so it’s possible for a large path to overflow the point count, resulting in an unsafe SkPath object.

advisories | CVE-2023-4354


Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button