CVE-2022-1313 An attacker could exploit heap corruption in tab group after free to gain remote privilege.

Google released Chrome version 101, which included a patch for this issue. Web applications that process untrusted content or rely on cross-origin elements to trigger cross-site scripting (XSS) attacks may find this issue particularly pernicious. Due to the way tab groups are created and loaded in Google Chrome prior to version 100.0.4896.88, an attacker could potentially leverage this vulnerability to execute arbitrary code outside of the context of the current tab. This may lead to the compromise of system or user data in the context of the current session.

After Google released a patch for this issue, all users are encouraged to update their installations to the latest version. End users and administrators are advised to review the policy restricting the usage of untrusted sources of content and to closely monitor user activities for suspicious or malicious activities.

CVE-2018-6089

In the past, we have seen an increase in the number of redirect poisoning attacks against users accessing important resources via search engines, social networks, and news sites. Redirect poisoning occurs when a website secretly redirects a user to another site, perhaps in exchange for money or something else of value. A malicious site may entice users to follow a link by giving them something they desire. For example, a search engine may be enticed to follow a link to a website by giving the link higher rankings in search results

Vulnerability overview

This vulnerability exists in Google Chrome prior to version 100.0.4896.89, and is caused by the lack of validation on URLs that are loaded into a tab group object while handling event handlers.

Summary of the Issue

An attacker may leverage this vulnerability to execute code outside of the context of the current tab. However, due to the way that Chrome processes tabs, an attacker would need to be able to access a user's data from another tab or have access to their browsing history. An attacker could inject malicious JavaScript into a webpage and then redirect a user who is visiting the webpage from Google Chrome’s address bar, or they could inject malicious JavaScript into another website and use that site as a beacon for users.

What is redirect poisoning?

