Remote code execution vulnerability in Google Chrome
Indian - Computer Emergency Response Team (cert-in.org.in)
Severity Rating: HIGH
Software Affected
Google Chrome versions prior to 107.0.5304.121 for Mac and Linux
Google Chrome versions prior to 107.0.5304.121/.122 for Windows
Overview
A Vulnerability has been reported in Google Chrome, which could allow a remote attacker to execute arbitrary code on the targeted system.
Description
This vulnerability exists in Google Chrome due to Heap buffer overflow in GPU. A remote attacker could exploit this vulnerability by sending a specially crafted request on the targeted system.
Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the targeted system.
Note: This vulnerability (CVE-2022-4135) is being exploited in the wild. Users are advised to apply patches urgently.
Solution
Apply appropriate updates as mentioned by the vendor.
Vendor Information
Google Chrome
References
Google Chrome
CVE Name
CVE-2022-4135
About Cert Advisory
We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.