CVE-2019-5840: Race Condition

Q: What is the severity of CVE-2019-5840?

CVE-2019-5840 has been classified as a medium severity vulnerability.

Q: How do I fix CVE-2019-5840?

To fix CVE-2019-5840, update Google Chrome to version 75.0.3770.80 or later.

Q: Which versions of Google Chrome are affected by CVE-2019-5840?

CVE-2019-5840 affects all versions of Google Chrome prior to 75.0.3770.80.

Q: Can CVE-2019-5840 be exploited remotely?

Yes, CVE-2019-5840 can be exploited by a remote attacker through a crafted HTML page.

Q: What platforms are affected by CVE-2019-5840?

CVE-2019-5840 impacts Google Chrome on iOS and various Debian and Fedora systems.

Published Jun 27, 2019

Updated

Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

Affected Software

10 affected componentsFixes available

debian/chromium

90.0.4430.212-1~deb10u1116.0.5845.180-1~deb11u1120.0.6099.129-1~deb11u1119.0.6045.199-1~deb12u1120.0.6099.129-1~deb12u1120.0.6099.129-1

Google Chrome<75.0.3770.80

Apple iPhone OS

Debian Debian Linux=10.0

Fedoraproject Fedora=29

Fedoraproject Fedora=30

openSUSE Backports=sle-15

openSUSE Leap=15.0

openSUSE Leap=15.1

openSUSE Leap=42.3

Event History

Jun 27, 2019

CVE Published

via MITRE·04:13 PM

Data Sourced

via MITRE·04:13 PM

DescriptionWeakness

Frequently Asked Questions

What is the severity of CVE-2019-5840?

CVE-2019-5840 has been classified as a medium severity vulnerability.

How do I fix CVE-2019-5840?

To fix CVE-2019-5840, update Google Chrome to version 75.0.3770.80 or later.

Which versions of Google Chrome are affected by CVE-2019-5840?

CVE-2019-5840 affects all versions of Google Chrome prior to 75.0.3770.80.

Can CVE-2019-5840 be exploited remotely?

Yes, CVE-2019-5840 can be exploited by a remote attacker through a crafted HTML page.

What platforms are affected by CVE-2019-5840?