CVE-2022-0470 In V8, memory access out of bounds led to heap corruption. This could be exploited by a malicious page.

CVE-2018-6127 had been assigned to these issues in Chromium. These issues were fixed in V8 version 5.6.8p131.
This issue was discovered by Dawid Golunski of Google.

On Windows, if the "Enable digital signing" option is not enabled in the browser's settings, then Google Chrome will not be able to verify the signature of the application being loaded via the "Load unpacked extension" feature of the browser. If the application is signed with an invalid signature, then the application will be loaded instead of Chrome.
In addition, a specially crafted signed application can also load arbitrary extensions.

On Windows and Mac, Chrome will display an error message when running a signed application with an invalid signature.
This issue does not affect the operating system itself, but it can be exploited to load arbitrary extensions.

Google Chrome prior to version 68.0.3440.75 allowed a remote attacker to bypass the prompt to enable two-factor authentication via a crafted web site.

This vulnerability was fixed in version 68.0.3440.75.

BREADTH OF THE ISSUE

The vulnerability is in the browser. If you are running a vulnerable version of the browser, this vulnerability may allow an attacker to bypass two-factor authentication. This vulnerability does not affect the operating system itself.

Google Chrome prior to version 68.0.3440.63 allowed a remote attacker to bypass the prompt to enable two-factor authentication via a crafted web site.

This vulnerability was fixed in version 68.0.3440.63.
