Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution.
Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could view, change, or delete data.
If this application has been configured to have fewer user rights on the system, exploitation of the most severe of these vulnerabilities could have less impact than if it was configured with administrative rights.
- CVE-2022–0789: Heap buffer overflow in ANGLE
- CVE-2022–0790: Use after free in Cast UI
- CVE-2022–0791: Use after free in Omnibox
- CVE-2022–0792: Out of bounds read in ANGLE
- CVE-2022–0793: Use after free in Views
- CVE-2022–0794: Use after free in WebShare
- CVE-2022–0795: Type Confusion in Blink Layout
- CVE-2022–0796: Use after free in Media. Reported by Cassidy Kim of Amber Security Lab
- CVE-2022–0797: Out of bounds memory access in Mojo
- CVE-2022–0798: Use after free in MediaStream
- CVE-2022–0799: Insufficient policy enforcement in Installer
- CVE-2022–0800: Heap buffer overflow in Cast UI
- CVE-2022–0801: Inappropriate implementation in HTML parser
- CVE-2022–0802: Inappropriate implementation in Full screen mode
- CVE-2022–0803: Inappropriate implementation in Permissions
- CVE-2022–0804: Inappropriate implementation in Full screen mode
- CVE-2022–0805: Use after free in Browser Switcher
- CVE-2022–0806: Data leak in Canvas
- CVE-2022–0807: Inappropriate implementation in Autofill
- CVE-2022–0808: Use after free in Chrome OS Shell
- CVE-2022–0809: Out of bounds memory access in WebXR