September 27, 2023

Google has just patched eigth zero-day vulnerability in its Chrome browser.

The vulnerability was caused by a heap buffer overflow in GPU, allowing attackers to modify the data stored in the application’s heap, altering the output.

Advertisements

It has been assigned a severity rating of ‘high’ although a specific CVSSv3 score has not yet been released.

The vulnerability is tracked as CVE-2022-4135 and released the new stable channel version of Google Chrome on Thursday across Windows, macOS, and Linux.

Google said it will be keeping more detailed information on the vulnerability under wraps until more users have had time to install the update.

CVE-2022-4135 marks the eighth zero-day vulnerability found in Google Chrome since the start of 2022 and the second zero-day caused by a heap buffer overflow.

Major browsers also run on Chromium, such as Microsoft Edge, Opera, Vivaldi, and others, these were also vulnerable because they too relied on Google’s V8 engine.

Advertisements

The full list of Google Chrome zero-day vulnerabilities found in 2022 can be found below:

  • CVE-2022-3723
  • CVE-2022-3075
  • CVE-2022-2856
  • CVE-2022-2294
  • CVE-2022-1364
  • CVE-2022-1096
  • CVE-2022-0609
Tags:

1 thought on “Google Patches Eighth Chrome ZeroDay of 2022

  1. Pingback: Google Patches Ninth Zeroday of 2022 - TheCyberThrone

Leave a Reply

You may have missed

BORN Canada latest victim of MoveIT data breach

September 27, 2023

Hardware Supply Chain Risk Assessment from CISA

September 27, 2023

Sony attack – Ransomed.vc claims responsibility

September 26, 2023

Chrome Zeroday – CVE-2023-4863 PoC Exploit Released

September 25, 2023

BlackCat adds Clarion to its Victim list

September 24, 2023

TheCyberThrone Security Week In Review – September 23, 2023

September 24, 2023
%d bloggers like this: