KLA12493
Multiple vulnerabilities in Google Chrome

Обновлено: 31/03/2022
Дата обнаружения
29/03/2022
Уровень угрозы
High
Описание

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Heap buffer overflow vulnerability in WebUI can be exploited to cause denial of service.
  2. Use after free in WebRTC vulnerability can be exploited to cause denial of service or execute arbitrary code.
  3. Use after free vulnerability in File Manager can be exploited to cause denial of service or execute arbitrary code.
  4. Implementation vulnerability in Virtual Keyboard can be exploited to cause denial of service.
  5. Type confusion vulnerability in V8 can be exploited to cause denial of service.
  6. Implementation vulnerability in Web Cursor can be exploited to cause denial of service.
  7. Use after free vulnerability in Tab Strip can be exploited to cause denial of service or execute arbitrary code.
  8. Use after free vulnerability in QR Code Generator can be exploited to cause denial of service or execute arbitrary code.
  9. Use after free vulnerability in Shopping Cart can be exploited to cause denial of service or execute arbitrary code.
  10. Implementation vulnerability in Full Screen Mode can be exploited to cause denial of service.
  11. Implementation vulnerability in Background Fetch API can be exploited to cause denial of service.
  12. Implementation in Extensions can be exploited to cause denial of service.
  13. Insufficient validation of untrusted input in WebOTP can be exploited to cause denial of service.
  14. Implementation vulnerability in Web Share API can be exploited to cause denial of service.
  15. Use after free vulnerability in Portals can be exploited to cause denial of service or execute arbitrary code.
  16. Implementation vulnerability in Resource Timing can be exploited to cause denial of service.
  17. Use after free vulnerability in Extensions can be exploited to cause denial of service or execute arbitrary code.
  18. Use after free vulnerability in Cast UI can be exploited to cause denial of service or execute arbitrary code.
  19. Use after free vulnerability in WebUI can be exploited to cause denial of service or execute arbitrary code.
Пораженные продукты

Google Chrome earlier than 100.0.4896.60

Решение

Update to the latest version
Download Google Chrome

Первичный источник обнаружения
Stable Channel Update for Desktop
Оказываемое влияние
?
ACE 
[?]

DoS 
[?]
Связанные продукты
Google Chrome
Узнай статистику распространения уязвимостей в твоем регионе