CVE-2022-2011 An attacker could exploit heap corruption in Google Chrome after an after free vulnerability to gain access to a user account.

CVE-2022-2011 An attacker could exploit heap corruption in Google Chrome after an after free vulnerability to gain access to a user account.

CVE-2017-7593: Out of bounds read in Skia library. In the course of parsing an HTML page, the Skia library on Google Chrome prior to 102.0.572.2 would attempt to access data that was outside the bounds of the image. This was caused by a Redeclaration issue. This issue was fixed by updating to version libfreetype.so in package libfreetype.so.6.1.

CVE-2017-7592: Out of bounds read in PDFium. In the course of parsing an HTML page, the PDFium library on Google Chrome prior to 102.0.572.2 would attempt to access data that was outside the bounds of the image. This was caused by a Redeclaration issue. This issue was fixed by updating to version libpng.so.4.
Redeclaration of this type has been known to lead to memory corruption issues. This issue was fixed by updating to version libpng.so.4. Redeclaration of this type has been known to lead to memory corruption issues. This issue was fixed by updating to version libpng.so.4.

CVE-2017-7591: Out of bounds read in Web Audio. In the course of parsing an HTML page, the Web Audio library on Google Chrome prior to 102.0.572.2 would attempt to access data that was outside the bounds of the image. This was caused by

Mitigation Strategies

Mitigation strategies for this issue include:
- Updating to version libpng.so.4 or libfreetype.so.6

Redeclaration of this type has been known to lead to memory corruption issues. This issue was fixed by updating to version libpng.so.4 or libfreetype.so.6
- Disabling Web Audio in Google Chrome

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe