June 30, 2022

TheCyberThrone

Thinking Security ! Always

Google Patches Vulnerabilities in Chrome 102

Google released patches for Chrome browser that resolves seven vulnerabilities, including four issues reported by external researchers.

Tracked as CVE-2022-2007, the first of these bugs is described as a use-after-free in WebGPU.

Advertisements

Use-after-free issues are triggered when a program doesn’t clear the pointer after freeing memory allocation, and can be exploited for arbitrary code execution, denial of service, or data corruption, potentially leading to system compromise.

Another use-after-free vulnerability addressed with this Chrome tracked as CVE-2022-2011, a flaw identified in ANGLE, Chrome’s graphics engine abstraction layer. The bug was reported by SeongHwan Park.

Another issue tracked as CVE-2022-2008, an out-of-bounds memory access in WebGL also resolved

Advertisements

The fourth vulnerability addressed with this browser update is CVE-2022-2010, an out-of-bounds read in compositing.

The latest Chrome iteration is now rolling out to Windows, Mac, and Linux users as version 102.0.5005.115. Exploitation details not provided by Google. Users are advised to update their browser

%d bloggers like this: