Not many details are available but the attacker needs the victim to engage in some kind of user interaction to exploit this vulnerability.ĬVE-2022-2479 is caused by insufficient validation of untrusted input in File. The four high-severity use-after-free vulnerabilities resolved with the latest Chrome update are tracked as follows:ĬVE-2022-2477 is a use-after-free vulnerability in Guest View that could allow arbitrary code execution following interaction by the victim.ĬVE-2022-2478 is a use-after-free vulnerability in Chrome's PDF handling code. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). ![]() Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. If after freeing a memory location, a program does not clear the pointer to that memory, an attacker can use the error to manipulate the program. Of the 11 security fixes five are use-after-free issues, including four that are marked with a severity of “high.” Use after free (UAF) vulnerabilities occur because of the incorrect use of dynamic memory during a program’s operation. ![]() Google Chrome's Stable channel has been updated to 1.134 for Windows, Mac, and Linux, and the new version will roll out over the coming days/weeks. The latest Google Chrome update includes 11 security fixes, some of which could be exploited by an attacker to take control of an affected system.
0 Comments
Leave a Reply. |