CVE-2022-1633
Gentoo Linux Security Advisory 202208-25
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Use after free in Sharesheet in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions.
Un uso de memoria previamente liberada en Sharesheet en Google Chrome en Chrome OS versiones anteriores a 101.0.4951.64, permitía a un atacante remoto que había convencido a un usuario de participar en interacciones de UI específicas para explotar potencialmente la corrupción de la pila por medio de interacciones de usuario específicas.
Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 5.15.5_p20220618>= are affected.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-05-09 CVE Reserved
- 2022-05-28 CVE Published
- 2024-08-03 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-416: Use After Free
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_10.html | 2022-10-26 | |
| https://security.gentoo.org/glsa/202208-25 | 2022-10-26 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | < 101.0.4951.64 Search vendor "Google" for product "Chrome" and version " < 101.0.4951.64" | - |
Affected
| in | Google Search vendor "Google" | Chrome Os Search vendor "Google" for product "Chrome Os" | - | - |
Safe
|