The four high-severity use-after-free vulnerabilities resolved with the latest Chrome update are tracked as follows:ĬVE-2022-2477 is a use-after-free vulnerability in Guest View that could allow arbitrary code execution following interaction by the victim.ĬVE-2022-2478 is a use-after-free vulnerability in Chrome's PDF handling code.
Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. If after freeing a memory location, a program does not clear the pointer to that memory, an attacker can use the error to manipulate the program. Of the 11 security fixes five are use-after-free issues, including four that are marked with a severity of “high.” Use after free (UAF) vulnerabilities occur because of the incorrect use of dynamic memory during a program’s operation. Google Chrome's Stable channel has been updated to 1.134 for Windows, Mac, and Linux, and the new version will roll out over the coming days/weeks. The latest Google Chrome update includes 11 security fixes, some of which could be exploited by an attacker to take control of an affected system.
0 kommentar(er)
