CVE-2023-4364: 
vulnerability analysis and mitigation

CVE-2023-4364 is a security vulnerability discovered in Google Chrome's Permission Prompts implementation prior to version 116.0.5845.96. The vulnerability was reported by Jasper Rebane on January 13, 2023, and was officially disclosed on August 15, 2023. This vulnerability affects Google Chrome and its derivatives, including Chromium-based browsers (Chrome Release).

The vulnerability is characterized as an inappropriate implementation in Permission Prompts that allowed a remote attacker to obfuscate security UI through a crafted HTML page. Google has classified this vulnerability with a Medium severity rating (NVD).

The vulnerability could allow attackers to manipulate the security user interface through specially crafted HTML pages, potentially leading to user confusion or deception regarding security permissions (Chrome Release).

The vulnerability has been patched in Google Chrome version 116.0.5845.96 and later versions. Users and administrators are advised to update their Chrome installations to this version or newer. Various Linux distributions have also released security updates to address this vulnerability (Debian Security, Fedora Update).