December 1, 2023

Google releases patches for Chrome that resolve eight vulnerabilities, including five reported by external researchers.

All five security defects are use-after-free flaws, a type of memory safety bug. Four of these issues are high-severity bugs, impacting components such as Blink Media, Mojo IPC, Blink Frames, and Aura.

The vulnerabilities have been tracked as CVE-2022-4436 to CVE-2022-4439 and a medium severity vulnerability tracked as CVE-2022-4440.

The latest update currently rolling out to Mac and Linux users as version 108.0.5359.124, and to Windows users as version 108.0.5359.124/.125.

Google makes no mention of any of these vulnerabilities being exploited in malicious attacks.

Use-after-free issues exist because, after freeing a memory location, an application might not clear the pointer to that location. An attacker in a position to exploit a use-after-free vulnerability may be able to crash the application, corrupt data, or execute arbitrary code on the machine.

Tags:

Leave a Reply

You may have missed

TheCyberThrone Security Week In Review – November 25, 2023

November 30, 2023

BlueVoyant Acquires Conquest Cyber

November 30, 2023

Google Fixes Sixth Chrome ZeroDay of 2023

November 29, 2023

Ardent Health Services affected by a cyber incident

November 29, 2023

GE and DARPA – Claimed Hack raises concerns

November 28, 2023

POC released for Splunk Enterprise Vulnerability- CVE-2023-46214

November 28, 2023
%d bloggers like this: