Home

Description

Use after free in Exosphere in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. (Chrome security severity: High)

PUBLISHED Reserved 2022-08-09 | Published 2023-01-02 | Updated 2024-10-22 | Assigner Chrome

Problem types

Use after free

Product status

Any version before 104.0.5112.79
affected

References

chromereleases.googleblog.com/...nel-update-for-desktop.html

crbug.com/1319172

cve.org (CVE-2022-2742)

nvd.nist.gov (CVE-2022-2742)

Download JSON