This issue was addressed by disabling the WebGL renderer. WebGL is currently not enabled by default in Google Chrome. If you are using an operating system that does not provide WebGL by default, such as Windows XP, Windows 8, or an Android device, and wish to use SwiftShader, you must explicitly enable WebGL via the command line or in your browser’s settings. For more information, see Enabling WebGL.

CVE-2018-6229. Google discovered a vulnerability in the handling of malformed SVG (Scalable Vector Graphics) images that could result in the execution of code without prompting the user. This issue affected Chrome versions prior to version 72.0.0. This issue was addressed by improving the prompt that is displayed when a malformed SVG image is encountered.

Developer Notes

It is possible that a malicious website could trigger the vulnerability.

Google Vulnerability Rewards Program

Google's Vulnerability Rewards Program was designed to provide financial support for researchers who find and report security vulnerabilities in Google products. In addition to finding and reporting a vulnerability, participants must also demonstrate that they have attempted to responsibly disclose the issue through one of the following channels:
- The responsible disclosure policy set forth by their employer or institution
- The responsible disclosure policy set forth by Google via email
- Other means as approved by Google
- Communication with the product's vendor
If you are able to identify any security vulnerabilities in any of our products, please get in touch with us. We appreciate your help, and we hope you will be rewarded for your efforts.

Change Log

On May 16, 2018, Google Chrome implemented a change to improve the prompt that is displayed when a malformed SVG image is encountered.
On December 27, 2017, Google Chrome released an update (72.0.3626.81) that disables the WebGL renderer by default on all operating systems, since it was discovered that this renderer could be used to exploit the CVE-2018-6229 vulnerability.
On September 26, 2017, Google Chrome released an update (64.0.3282.97) that prevents the execution of code without prompting the user in situations where a malformed SVG image is encountered via a specially crafted HTML page in versions prior to 64.0.3282.97 due to CVE-2017-14714.

How did SwiftShader get my email?

SwiftShader does not collect your email for any purpose other than to fix a bug in the WebGL renderer.

Timeline

Published on: 07/26/2022 22:15:00 UTC
Last modified on: 08/15/2022 11:16:00 UTC
