Showing 1 - 1 of 1

CVE-2022-2998

Status Candidate

Overview

Use after free in Browser Creation in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who had convinced a user to engage in a specific UI interaction to potentially exploit heap corruption via a crafted HTML page.

Related Files

Chrome LinkToTextMenuObserver::CompleteWithError Heap Use-After-Free: Posted Sep 16, 2022; Authored by Google Security Research, Glazvunov; A use-after-free issue exists in Chrome 104 and earlier versions. Processing maliciously crafted web content may lead to arbitrary code execution in the browser process. LinkToTextMenuObserver holds a raw pointer to a RenderFrameHost object, but is not owned by the frame host and does not watch for frame host destruction events. Therefore, if an attacker manages to destroy the frame host right after the observer is created but before the timeout task posted in StartLinkGenerationRequestWithTimeout() is executed, use-after-free will occur.; tags | exploit, web, arbitrary, code execution; advisories | CVE-2022-2998; SHA-256 | 071c2f32b441a15bf0f0c6db3397a3899a646938aeb7df15abb5fc345c9589e8; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 163 files
Ubuntu 101 files
indoushka 64 files
Debian 23 files
nu11secur1ty 19 files
Apple 13 files
CraCkEr 8 files
Google Security Research 7 files
Gentoo 7 files
LiquidWorm 4 files

File Archives

Systems

AIX (428)
Apple (2,016)
BSD (374)
CentOS (57)
Cisco (1,925)
Debian (6,843)
Fedora (1,692)
FreeBSD (1,245)
Gentoo (4,329)
HPUX (879)
iOS (355)
iPhone (108)
IRIX (220)
Juniper (68)
Linux (46,814)
Mac OS X (687)
Mandriva (3,105)
NetBSD (256)
OpenBSD (485)
RedHat (13,916)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,940)
UNIX (9,315)
UnixWare (186)
Windows (6,588)
Other

CVE-2022-2998

Overview

Related Files

File Archive:

September 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems