CVE-2022-2609
https://notcve.org/view.php?id=CVE-2022-2609
Use after free in Nearby Share in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. Un uso de la memoria previamente liberada en Nearby Share en Google Chrome en Chrome OS versiones anteriores a 104.0.5112.79, permitía a un atacante remoto que convencía a un usuario de participar en interacciones de usuario específicas explotar potencialmente la corrupción de la pila por medio de interacciones de Interfaz de Usuario específicas. • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html https://crbug.com/1338560 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE https://security.gentoo.org/glsa/202208-35 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2022-2608
https://notcve.org/view.php?id=CVE-2022-2608
Use after free in Overview Mode in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. Un uso de la memoria previamente liberada en Overview Mode en Google Chrome en Chrome OS versiones anteriores a 104.0.5112.79, permitía a un atacante remoto que convencía a un usuario de participar en interacciones de usuario específicas para explotar potencialmente la corrupción de la pila por medio de interacciones de Interfaz de Usuario específicas. • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html https://crbug.com/1330775 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE https://security.gentoo.org/glsa/202208-35 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2022-2607
https://notcve.org/view.php?id=CVE-2022-2607
Use after free in Tab Strip in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. Un uso de la memoria previamente liberada en Tab Strip en Google Chrome en Chrome OS versiones anteriores a 104.0.5112.79, permitía a un atacante remoto que convencía a un usuario de participar en interacciones de usuario específicas para explotar potencialmente la corrupción de la pila por medio de interacciones de Interfaz de Usuario específicas. • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html https://crbug.com/1286203 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2022-2606
https://notcve.org/view.php?id=CVE-2022-2606
Use after free in Managed devices API in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enable a specific Enterprise policy to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en Managed devices API en Google Chrome versiones anteriores a 104.0.5112.79, permitía que un atacante remoto que convenciera a un usuario de habilitar una política de empresa específica explotara potencialmente la corrupción de la pila por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html https://crbug.com/1330489 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE https://security.gentoo.org/glsa/202208-35 • CWE-416: Use After Free •
CVE-2022-2605
https://notcve.org/view.php?id=CVE-2022-2605
Out of bounds read in Dawn in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. La lectura fuera de límites en Dawn en Google Chrome versiones anteriores a 104.0.5112.79, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html https://crbug.com/1338470 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE https://security.gentoo.org/glsa/202208-35 • CWE-125: Out-of-bounds Read •