CVE-2022-0466 An attacker could perform a sandbox escape on Chrome users who installed a malicious extension in earlier versions.

Google Bug Tracker link [link fixed on 2018-08-23] This issue was resolved in version 98.0.4758.80 or later. In all Chromium releases prior to version 98.0.4758.80, extensions were not properly handled when they were installed via HTML. Malicious web sites could easily cause users to install extensions with code that could exploit these issues.

What do we mean by “extensions aren’t installed securely”?

When a user installs an extension via HTML, they often don't have the same level of control over it. For example, if a user installs an extension that contains malicious code, they can have it silently run in the background and steal their information or install adware or malware on their system. In fact, some software may even be spying on what you're doing.
Google released a fix for this issue that protects against these types of issues by requiring passwords for extensions that are installed this way.

Overview of the Security Vulnerability

A security vulnerability in Chrome extensions was discovered on 2017-06-08. The vulnerability is present in all Chromium releases prior to version 98.0.4758.80 and might allow websites to install extensions with code that could exploit these issues. Google addressed this issue in version 98.0.4758.80 or later and has mitigated the risk of exploitation significantly by not loading untrusted extensions into privileged contexts like JavaScript Window objects, popups and other browser chrome objects.

Security Risk: Potential Code Execution

The issue was fixed in version 98.0.4758.80 or later of the Chromium browser.

What to do if you are currently using an extension with code execution bug

If your extension is affected by this bug, you do not need to take any action.

Scoping issue: Extensions not loaded properly

Extensions were not loaded properly in Chromium prior to version 98.0.4758.80. This could allow malicious web sites to easily exploit this issue by installing extensions that would be able to collect data from the user's browser and send them back to the malicious site.

Timeline

Published on: 04/05/2022 01:15:00 UTC
Last modified on: 04/13/2022 13:27:00 UTC

References

• https://crbug.com/1115460
• https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0466