CVE-2022-0104 Heap buffer overflow in ANGLE before 97.0.4692.71 could lead to imepiate heap corruption.

CVE-2022-0104 Heap buffer overflow in ANGLE before 97.0.4692.71 could lead to imepiate heap corruption.

This issue was addressed by updating to Google Chrome 97.0.4692.0.

WebM integer overflow in WebM in Google Chrome prior to 97.0.4679.9 allowed a remote attacker to potentially exploit heap corruption via a crafted WebM file.
In addition to heap buffer overflow bugs, as well as other issues, such as remote code execution, this version also fixes a crash bug.

In Google Chrome OS prior to 72.0, user could cause a system crash if they loaded a maliciously crafted website with Chrome's HTML Viewer.

In Google Chrome OS prior to 72.0, user could potentially cause a system crash by setting an invalid value for a variable.
If a user set an URL of a malicious website in their local cache, then the system may crash when Chrome tries to load the malicious website.
In Google Chrome OS prior to 72.0, user could potentially cause a system crash by setting an invalid value for a variable.If a user set an URL of a malicious website in their local cache, then the system may crash when Chrome tries to load the malicious website.
If a user enabled Vsync on a specific monitor, and set a window to always be on the same monitor, then the system may crash when Chrome tries to render the window on the other monitor.
In Google Chrome OS prior to 72.0, user could potentially cause a system crash by setting an invalid value for a variable.

Product name:

Google Chrome
Product version: Google Chrome OS 72.0.3604.4, Google Chrome for Linux 67.0.3396.87, Google Chrome OS 69.0.3497.100
Company name: Google Inc

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe