5 matches found
CVE-2022-2587
Out of bounds write in Chrome OS Audio Server in Google Chrome on Chrome OS prior to 102.0.5005.125 allowed a remote attacker to potentially exploit heap corruption via crafted audio metadata...
Uncovering a ChromeOS remote memory corruption vulnerability
Microsoft discovered a memory corruption vulnerability in a ChromeOS component that can be triggered remotely, allowing attackers to perform either a denial-of-service DoS or, in extreme cases, remote code execution RCE. Following our D-Bus blog post that focused on Linux, we searched for similar...
Uncovering a ChromeOS remote memory corruption vulnerability
Microsoft discovered a memory corruption vulnerability in a ChromeOS component that can be triggered remotely, allowing attackers to perform either a denial-of-service DoS or, in extreme cases, remote code execution RCE. Following our D-Bus blog post that focused on Linux, we searched for similar...
CVE-2022-2587
CVE-2022-2587 refers to an out-of-bounds write in the ChromeOS CRAS (Chrome OS Audio Server) component of Google Chrome on ChromeOS before 102.0.5005.125. The underlying cause is an unsafe strcpy-based copy of a user-controlled identity string, allocated as 128 bytes on the heap, allowing a remot...
CVE-2022-2587
Out of bounds write in Chrome OS Audio Server in Google Chrome on Chrome OS prior to 102.0.5005.125 allowed a remote attacker to potentially exploit heap corruption via crafted audio metadata...