{"id":"CVE-2024-21640","summary":"OOB Access in CefVideoConsumerOSR::OnFrameCaptured","details":"Chromium Embedded Framework (CEF) is a simple framework for embedding Chromium-based browsers in other applications. `CefVideoConsumerOSR::OnFrameCaptured` does not check `pixel_format` properly, which leads to an out-of-bounds read outside the sandbox. This vulnerability was patched in commit 1f55d2e.\n\n","aliases":["GHSA-3h3j-38xq-v7hh"],"modified":"2026-04-12T08:03:50.273563Z","published":"2024-01-13T07:40:10.324Z","database_specific":{"cwe_ids":["CWE-125"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/21xxx/CVE-2024-21640.json","cna_assigner":"GitHub_M"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/21xxx/CVE-2024-21640.json"},{"type":"ADVISORY","url":"https://github.com/chromiumembedded/cef/security/advisories/GHSA-3h3j-38xq-v7hh"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-21640"},{"type":"FIX","url":"https://github.com/chromiumembedded/cef/commit/1f55d2e12f62cfdfbf9da6968fde2f928982670b"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/chromiumembedded/cef","events":[{"introduced":"0"},{"fixed":"1f55d2e12f62cfdfbf9da6968fde2f928982670b"}]},{"type":"GIT","repo":"https://github.com/chromiumembedded/cef","events":[{"introduced":"0"},{"fixed":"1f55d2e12f62cfdfbf9da6968fde2f928982670b"}]}],"database_specific":{"vanir_signatures":[{"digest":{"line_hashes":["182114888642407309289002422740730981595","296728380801254310489291266876244496634","241511323707073456792638107520557170878","10727605419003596955656702577756804537","243822518250932802393613637683933259708","299680549457429420900426016945286924349","251336482468436322243211565332479761014","208378345422564264645486803523415692874","212967058314038606452021376936875727844","154530266926391543847892294392838129080","290944518280409255956800925671705596064"],"threshold":0.9},"id":"CVE-2024-216
40-c8ef74f2","source":"https://github.com/chromiumembedded/cef/commit/1f55d2e12f62cfdfbf9da6968fde2f928982670b","target":{"file":"libcef/browser/osr/host_display_client_osr.cc"},"signature_version":"v1","deprecated":false,"signature_type":"Line"},{"digest":{"line_hashes":["182559361334402104883307413342929000010","99365231113449201707149582469580869947","16930715518199782558403055733526987617"],"threshold":0.9},"id":"CVE-2024-21640-cbc8d9cd","source":"https://github.com/chromiumembedded/cef/commit/1f55d2e12f62cfdfbf9da6968fde2f928982670b","target":{"file":"libcef/browser/osr/video_consumer_osr.cc"},"signature_version":"v1","deprecated":false,"signature_type":"Line"},{"digest":{"length":354,"function_hash":"51077143238130847293850459808008072074"},"id":"CVE-2024-21640-d25313f2","source":"https://github.com/chromiumembedded/cef/commit/1f55d2e12f62cfdfbf9da6968fde2f928982670b","target":{"file":"libcef/browser/osr/host_display_client_osr.cc","function":"CefLayeredWindowUpdaterOSR::OnAllocatedSharedMemory"},"signature_version":"v1","deprecated":false,"signature_type":"Function"}],"vanir_signatures_modified":"2026-04-12T08:03:50Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-21640.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"2024-01-05"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}]}