Showing 1 - 1 of 1

CVE-2022-2998

Status Candidate

Overview

Use after free in Browser Creation in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who had convinced a user to engage in a specific UI interaction to potentially exploit heap corruption via a crafted HTML page.

Related Files

Chrome LinkToTextMenuObserver::CompleteWithError Heap Use-After-Free: Posted Sep 16, 2022; Authored by Google Security Research, Glazvunov; A use-after-free issue exists in Chrome 104 and earlier versions. Processing maliciously crafted web content may lead to arbitrary code execution in the browser process. LinkToTextMenuObserver holds a raw pointer to a RenderFrameHost object, but is not owned by the frame host and does not watch for frame host destruction events. Therefore, if an attacker manages to destroy the frame host right after the observer is created but before the timeout task posted in StartLinkGenerationRequestWithTimeout() is executed, use-after-free will occur.; tags | exploit, web, arbitrary, code execution; advisories | CVE-2022-2998; SHA-256 | 071c2f32b441a15bf0f0c6db3397a3899a646938aeb7df15abb5fc345c9589e8; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 261 files
Ubuntu 106 files
indoushka 23 files
Debian 20 files
Gentoo 14 files
Google Security Research 13 files
CraCkEr 11 files
Mirabbas Agalarov 9 files
Apple 8 files
Ivan Fratric 7 files

File Archives

Systems

AIX (428)
Apple (1,979)
BSD (373)
CentOS (57)
Cisco (1,920)
Debian (6,755)
Fedora (1,691)
FreeBSD (1,244)
Gentoo (4,321)
HPUX (879)
iOS (344)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,851)
Mac OS X (685)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (13,365)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,645)
UNIX (9,245)
UnixWare (186)
Windows (6,555)
Other

CVE-2022-2998

Overview

Related Files

File Archive:

June 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems