CVE-2022-2296

🗓️ 28 Jul 2022 01:01:01Reported by ChromeType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 153 Views

CVE-2022-2296 Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions

Reporter	Title	Published	Views	Family All 47
FreeBSD	chromium -- multiple vulnerabilities	4 Jul 202200:00	–	freebsd
ATTACKERKB	CVE-2022-2296	28 Jul 202202:15	–	attackerkb
AlpineLinux	CVE-2022-2296	28 Jul 202201:01	–	alpinelinux
Circl	CVE-2022-2296	5 Jul 202211:15	–	circl
CNNVD	Google Chrome 资源管理错误漏洞	4 Jul 202200:00	–	cnnvd
Cvelist	CVE-2022-2296	28 Jul 202201:01	–	cvelist
Debian	[SECURITY] [DSA 5180-1] chromium security update	11 Jul 202217:47	–	debian
Debian CVE	CVE-2022-2296	28 Jul 202201:01	–	debiancve
Tenable Nessus	Debian DSA-5180-1 : chromium - security update	12 Jul 202200:00	–	nessus
Tenable Nessus	FreeBSD : chromium -- multiple vulnerabilities (744ec9d7-fe0f-11ec-bcd2-3065ec8fd3ec)	8 Jul 202200:00	–	nessus

NVD

Vulners

Node

google chromeRange<103.0.5060.114

AND

google chrome_osMatch-

Node

fedoraproject extra_packages_for_enterprise_linuxMatch8.0

fedoraproject fedoraMatch35

fedoraproject fedoraMatch36

[
  {
    "product": "Chrome",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "103.0.5060.114",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BQRTR4SIUNIHLLPWTGYSDNQK7DYCRSB/
security	www.security.gentoo.org/glsa/202208-35
chromereleases	www.chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop.html
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H2C4XOJVIILDXTOSMWJXHSQNEXFWSOD7/
crbug	www.crbug.com/1327087