CVE-2022-2621

Details

Use after free in Extensions in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions.

Affected Packages

Google Chrome

Windows 10 (1507)Windows 10 (1607) / Server 2016Windows 10 (1809) / Server 2019Windows 10 (1903)Windows 10 (1909)

Fixed in:

104.0.5112.79

References

WEBhttps://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html WEBhttps://crbug.com/1323449 ADVISORYhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/ADVISORYhttps://security.gentoo.org/glsa/202208-35 ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2022-2621

CVE-2022-2621

Details

Affected Packages

References

CVSS Analysis

Ecosystems(20)

Timeline