Google has updated Chrome to fix seven browser security flaws, four of which are classified as high risk. Full details of how the vulnerabilities can be exploited are yet to be disclosed per Google’s policy of waiting for most users to patch their browsers.
According to an alert issued by the CISA, attackers can exploit these Chrome vulnerabilities in Windows, Linux or macOS to remotely take over an impacted system. The agency also encouraged users to update to Chrome version 102.0.5005.115.
The major addressing point of the update were the four high-risk vulnerabilities that opened up users to remote takeovers and memory buffer attacks that could let attackers take over the browser or, in some cases, the entire machine remote. The four high-risk vulnerabilities are as follows:
| Vulnerability | Description | Disclosed by |
|---|---|---|
| CVE-2022-2007 | Use-After-Free vulnerability in WebGPU allows an attacker to exploit the incorrect use of dynamic memory during a program’s operations to hack the host program. | David Manouchehri |
| CVE-2022-2008 | Out-of-bounds memory access vulnerability in WebGL. This flaw will let attackers gain access to sensitive information that should otherwise be secure. | khangkito – Tran Van Khang |
| CVE-2022-2010 | Out-of-bounds read vulnerability in the Chrome Compositing component. | Mark Brand (Google Project Zero) |
| CVE-2022-2011 | Use-After-Free vulnerability in ANGLE, an open-source cross-platform graphics engine abstraction layer used in the Chrome backend. | SeongHwan Park |
These vulnerabilities have been discovered by Google’s Project Zero research team (CVE-2022-2010) and several independent security researchers. David Manouchehri, the researcher who disclosed CVE-2022-2007, received a bug bounty of $10,000. Bug bounties for CVE-2022-2008 and CVE-2022-2011 disclosures are yet to be determined.
Other than withholding access to bug details until most Chrome users have updated their browsers, the company also stated that it may extend its restrictions if the bug exists in a third-party library that other projects similarly depend on but haven’t been fixed yet.
In the News: Travis CI leaks credentials, including open-source auth tokens
Someone who writes/edits/shoots/hosts all things tech and when he’s not, streams himself racing virtual cars.
You can contact him here: [email protected]
