CVE-2017-15401: were fixed in Chrome OS 61

Q: What is the severity of CVE-2017-15401?

CVE-2017-15401 is classified as a high-severity vulnerability that allows remote code execution in Google Chrome.

Q: How do I fix CVE-2017-15401?

To fix CVE-2017-15401, update your Google Chrome to version 62.0.3202.74 or later.

Q: What does CVE-2017-15401 affect?

CVE-2017-15401 affects Google Chrome versions prior to 62.0.3202.62, including Chrome OS.

Q: What could an attacker do with CVE-2017-15401?

An attacker could exploit CVE-2017-15401 to execute arbitrary code inside a sandbox via a crafted HTML page.

Q: When was CVE-2017-15401 fixed in Google Chrome?

CVE-2017-15401 was fixed in Google Chrome with the release of version 62.0.3202.62.

Published Oct 27, 2017

Updated

A memory corruption bug in WebAssembly could lead to out of bounds read and write through V8 in WebAssembly in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

Affected Software

2 affected componentsFixes available

Google Chrome<62.0.3202.62

Google Chrome OS<62.0.3202.74

62.0.3202.74

Remediation

Patch Available

https://crbug.com/766260

Event History

Oct 27, 2017

CVE Published

12:00 AM

Data Sourced

12:00 AM

WeaknessAffected Software

Jan 9, 2019

CVE Published

via MITRE·07:00 PM

Data Sourced

via MITRE·07:00 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

3243422487019122956

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is the severity of CVE-2017-15401?

CVE-2017-15401 is classified as a high-severity vulnerability that allows remote code execution in Google Chrome.

How do I fix CVE-2017-15401?