[CIVN-2022-0478] Multiple Vulnerabilities in Google Chrome OS

Severity Rating: HIGH

Software Affected

Google ChromeOS LTS Channel versions prior to 102.0.5005.193 (Platform Version: 14695.166.0)

Overview

Multiple vulnerabilities have been reported in Google Chrome OS which could be exploited by a remote attacker to execute arbitrary code or cause a denial-of-service condition on the targeted system.

Description

Multiple vulnerabilities exist in Google Chrome OS due to Use after free in Mojo, Audio and Forms; Heap buffer overflow in GPU. An attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted Web site.

Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition on the targeted system.

Solution

Apply appropriate updates as mentioned by the vendor:

https://chromereleases.googleblog.com/2022/12/long-term-support-channel-update-for_14.html

Vendor Information

Google Chrome

https://chromereleases.googleblog.com/2022/12/long-term-support-channel-update-for_14.html

References

Google Chrome

https://chromereleases.googleblog.com/2022/12/long-term-support-channel-update-for_14.html

CVE Name

CVE-2022-4178

CVE-2022-4179

CVE-2022-4181

CVE-2022-4135

About Cert Advisory

We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.

[CIVN-2022-0478] Multiple Vulnerabilities in Google Chrome OS

About Cert Advisory

Related Posts

Popular Posts

Facebook

Blog Archive