Multiple vulnerabilities in Google Chrome

説明

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. Heap buffer overflow vulnerability in WebUI can be exploited to cause denial of service.
2. Use after free in WebRTC vulnerability can be exploited to cause denial of service or execute arbitrary code.
3. Use after free vulnerability in File Manager can be exploited to cause denial of service or execute arbitrary code.
4. Implementation vulnerability in Virtual Keyboard can be exploited to cause denial of service.
5. Type confusion vulnerability in V8 can be exploited to cause denial of service.
6. Implementation vulnerability in Web Cursor can be exploited to cause denial of service.
7. Use after free vulnerability in Tab Strip can be exploited to cause denial of service or execute arbitrary code.
8. Use after free vulnerability in QR Code Generator can be exploited to cause denial of service or execute arbitrary code.
9. Use after free vulnerability in Shopping Cart can be exploited to cause denial of service or execute arbitrary code.
10. Implementation vulnerability in Full Screen Mode can be exploited to cause denial of service.
11. Implementation vulnerability in Background Fetch API can be exploited to cause denial of service.
12. Implementation in Extensions can be exploited to cause denial of service.
13. Insufficient validation of untrusted input in WebOTP can be exploited to cause denial of service.
14. Implementation vulnerability in Web Share API can be exploited to cause denial of service.
15. Use after free vulnerability in Portals can be exploited to cause denial of service or execute arbitrary code.
16. Implementation vulnerability in Resource Timing can be exploited to cause denial of service.
17. Use after free vulnerability in Extensions can be exploited to cause denial of service or execute arbitrary code.
18. Use after free vulnerability in Cast UI can be exploited to cause denial of service or execute arbitrary code.
19. Use after free vulnerability in WebUI can be exploited to cause denial of service or execute arbitrary code.

オリジナルアドバイザリー

• Stable Channel Update for Desktop

エクスプロイテーション

Public exploits exist for this vulnerability.

関連製品

• Google-Chrome

CVEリスト

• CVE-2022-1143
  critical
• CVE-2022-1133
  critical
• CVE-2022-1141
  critical
• CVE-2022-1132
  high
• CVE-2022-1134
  critical
• CVE-2022-1138
  high
• CVE-2022-1136
  critical
• CVE-2022-1127
  critical
• CVE-2022-1135
  critical
• CVE-2022-1129
  high
• CVE-2022-1139
  high
• CVE-2022-1137
  high
• CVE-2022-1130
  critical
• CVE-2022-1128
  high
• CVE-2022-1142
  critical
• CVE-2022-1125
  critical
• CVE-2022-1146
  high
• CVE-2022-1145
  critical
• CVE-2022-1131
  critical
• CVE-2022-1144
  critical

も参照してください

お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com