Google Chrome 101! Another Day Another Release! Patch havoc
Share this:
Chrome has announced the promotion of Chrome 101 to the stable channel for Windows, Mac, and Linux.
Chrome 101.0.4951.41 for Windows, Mac, and Linux contains several fixes and improvements a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 101.
Access to bug details and links may be kept restricted until most users are updated with a fix. We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on but haven’t yet fixed.
This update includes nearly 30 security fixes. Below, are fixes that were contributed by external researchers.
| Sl.No | CVE | Bug name | Severity |
| 1 | CVE-2022-1477 | Use after free in Vulkan. | High |
| 2 | CVE-2022-1478 | Use after free in SwiftShader | High |
| 3 | CVE-2022-1479 | Use after free in ANGLE. | High |
| 4 | CVE-2022-1480 | Use after free in Device API. | High |
| 5 | CVE-2022-1481 | Use after free in Sharing. | High |
| 6 | CVE-2022-1482 | Inappropriate implementation in WebGL. | High |
| 7 | CVE-2022-1483 | Heap buffer overflow in WebGPU. | High |
| 8 | CVE-2022-1484 | Heap buffer overflow in Web UI Settings. | Medium |
| 9 | CVE-2022-1485 | Use after free in File System API. | Medium |
| 10 | CVE-2022-1486 | Type Confusion in V8. | Medium |
| 11 | CVE-2022-1487 | Use after free in Ozone. | Medium |
| 12 | CVE-2022-1488 | Inappropriate implementation in Extensions API | Medium |
| 13 | CVE-2022-1489 | Out of bounds memory access in UI Shelf. | Medium |
| 14 | CVE-2022-1490 | Use after free in Browser Switcher. | Medium |
| 15 | CVE-2022-1491 | Use after free in Bookmarks. | Medium |
| 16 | CVE-2022-1492 | Insufficient data validation in Blink Editing. | Medium |
| 17 | CVE-2022-1493 | Use after free in Dev Tools. | Medium |
| 18 | CVE-2022-1494 | Insufficient data validation in Trusted Types | Medium |
| 19 | CVE-2022-1495 | Incorrect security UI in Downloads. | Medium |
| 20 | CVE-2022-1496 | Use after free in File Manager. | Medium |
| 21 | CVE-2022-1497 | Inappropriate implementation in Input. | Medium |
| 22 | CVE-2022-1498 | Inappropriate implementation in HTML Parser. | Low |
| 23 | CVE-2022-1499 | Inappropriate implementation in WebAuthentication. | Low |
| 24 | CVE-2022-1500 | Insufficient data validation in Dev Tools. | Low |
| 25 | CVE-2022-1501 | Inappropriate implementation in iframe. | Low |
