CVE-2022-4135

Google Chromium GPU Heap Buffer Overflow Vulnerability

Severity Score

9.6

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

Yes

*KEV

Decision

*SSVC

Descriptions

Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

El desbordamiento del búfer de montón en GPU en Google Chrome anterior a 107.0.5304.121 permitió a un atacante remoto que había comprometido el proceso de renderizado realizar potencialmente un escape de la zona de pruebas a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta)

Google Chromium GPU contains a heap buffer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

*Credits: N/A

CVSS Scores

NISTv3.1 9.6

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-11-24 CVE Reserved
2022-11-25 CVE Published
2022-11-28 Exploited in Wild
2022-12-19 KEV Due Date
2024-08-03 CVE Updated
2024-08-03 First Exploit
2024-11-09 EPSS Updated

CWE

CWE-787: Out-of-bounds Write

CAPEC

References (3)

URL	Tag	Source

URL	Date	SRC
https://crbug.com/1392715	2024-08-03

URL	Date	SRC

URL	Date	SRC
https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop_24.html	2024-06-28
https://security.gentoo.org/glsa/202305-10	2024-06-28

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Google Search vendor "Google"		Chrome Search vendor "Google" for product "Chrome"				< 107.0.5304.121 Search vendor "Google" for product "Chrome" and version " < 107.0.5304.121"		-		Affected
Microsoft Search vendor "Microsoft"		Edge Search vendor "Microsoft" for product "Edge"				< 107.0.1418.62 Search vendor "Microsoft" for product "Edge" and version " < 107.0.1418.62"		-		Affected
Microsoft Search vendor "Microsoft"		Edge Chromium Search vendor "Microsoft" for product "Edge Chromium"				< 107.0.5304.150 Search vendor "Microsoft" for product "Edge Chromium" and version " < 107.0.5304.150"		-		Affected