Published: 28/07/2022 Updated: 21/08/2022
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

Vulnerability Summary

Use after free in Chrome OS Shell in Google Chrome on Chrome OS before 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

fedoraproject extra packages for enterprise linux 8.0

fedoraproject fedora 35

fedoraproject fedora 36

Vendor Advisories

Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure For the stable distribution (bullseye), these problems have been fixed in version 10305060114-1~deb11u1 We recommend that you upgrade your chromium packages For the detailed security status o ...
The Stable channel has been updated to 10305060114 for Windows which will roll out over the coming days/weeks A full list of changes in this build is available in the log Interested in switching release channels? Find out how here If you find a new issue, please let us know by filing a bug The community help forum is also a great place to r ...
A new LTS Candidate, LTC- 10205005177 (Platform Version: 146951280),  is rolling out for most ChromeOS devices Release notes for LTC-102 can be found here Want to know more about Long-term Support? Click here This update includes the following Security fixes:1327087HighCVE-2022-2296Use after free in C ...

Recent Articles

Google Patches Actively Exploited Chrome Bug
Threatpost • Elizabeth Montalbano • 05 Jul 2022

While people were celebrating the Fourth of July holiday in the United States, Google quietly rolled out a stable channel update for Chrome to patch an actively exploited zero-day vulnerability, the fourth such flaw the vendor has had to patch in its browser product so far this year.
Chrome 103 (103.0.5060.71) for Android and Version 103.0.5060.114 for Windows and Mac, outlined in separate blog posts published Monday, fix a heap buffer overflow flaw in WebRTC, the engine that gives the bro...