Showing 1 - 1 of 1

CVE-2022-2998

Status Candidate

Overview

Use after free in Browser Creation in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who had convinced a user to engage in a specific UI interaction to potentially exploit heap corruption via a crafted HTML page.

Related Files

Chrome LinkToTextMenuObserver::CompleteWithError Heap Use-After-Free: Posted Sep 16, 2022; Authored by Google Security Research, Glazvunov; A use-after-free issue exists in Chrome 104 and earlier versions. Processing maliciously crafted web content may lead to arbitrary code execution in the browser process. LinkToTextMenuObserver holds a raw pointer to a RenderFrameHost object, but is not owned by the frame host and does not watch for frame host destruction events. Therefore, if an attacker manages to destroy the frame host right after the observer is created but before the timeout task posted in StartLinkGenerationRequestWithTimeout() is executed, use-after-free will occur.; tags | exploit, web, arbitrary, code execution; advisories | CVE-2022-2998; SHA-256 | 071c2f32b441a15bf0f0c6db3397a3899a646938aeb7df15abb5fc345c9589e8; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 217 files
indoushka 135 files
Ubuntu 92 files
Gentoo 33 files
Debian 27 files
Jasper Nota 25 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Google Security Research 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,110)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,913)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,631)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,781)
UNIX (9,441)
UnixWare (187)
Windows (6,676)
Other

CVE-2022-2998

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems