CVE-2022-0306
Published 2022-02-12
CVE-2022-0306: Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Priority P2 · 67 · high · 8.8 CVSS 3.1
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 85.35% (99.7th percentile)
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chromium | chromium | >= 0 < 97.0.4692.99-1~deb11u2 | 97.0.4692.99-1~deb11u2 |
| chromium | chromium | >= 0 < 97.0.4692.99-1 | 97.0.4692.99-1 |
| chromium | chromium | >= 0 < 97.0.4692.99-1 | 97.0.4692.99-1 |
| chromium | chromium | >= 0 < 97.0.4692.99-1 | 97.0.4692.99-1 |
| debian | chromium | < chromium 97.0.4692.99-1 (bookworm) | chromium 97.0.4692.99-1 (bookworm) |
|  | chrome | < 97.0.4692.99 | 97.0.4692.99 |
|  | chrome | >= unspecified < 97.0.4692.99 | 97.0.4692.99 |
| msrc | microsoft_edge | — | — |
Detection & IOCs (extracted from sources)
- Vulnerability is triggered via a crafted HTML page delivered remotely, targeting the PDFium component in Google Chrome prior to 97.0.4692.99
- Fixed in Google Chrome 97.0.4692.99; versions prior to this are vulnerable to the PDFium heap buffer overflow
- Debian packages resolved in chromium 97.0.4692.99-1 across bookworm, bullseye, forky, sid, and trixie
CVSS provenance
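| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv |  | 8.8 | HIGH |  |
| vendor_debian |  | 8.8 | HIGH |  |
| vendor_msrc |  | 8.8 | HIGH |  |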
GHSA
GHSA-v2fq-q4m8-fwf4: Heap buffer overflow in PDFium in Google Chrome prior to 97
ghsa_unreviewed·2022-02-15
CVE-2022-0306 [HIGH] CWE-787 GHSA-v2fq-q4m8-fwf4: Heap buffer overflow in PDFium in Google Chrome prior to 97
OSV
CVE-2022-0306: Heap buffer overflow in PDFium in Google Chrome prior to 97
osv·2022-02-12·CVSS 8.8
CVE-2022-0306 [HIGH] CVE-2022-0306: Heap buffer overflow in PDFium in Google Chrome prior to 97
Microsoft
Chromium: CVE-2022-0306 Heap buffer overflow in PDFium
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0306 [HIGH] Chromium: CVE-2022-0306 Heap buffer overflow in PDFium
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
| Microsoft Edge Version | Date Released | Based on Chromium Version |
|---|---|---|
| 97.0.1072.69 | 1/20/2022 | 97.0.4692.99 |
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In
Debian
CVE-2022-0306: chromium - Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a ...
vendor_debian·2022·CVSS 8.8
CVE-2022-0306 [HIGH] CVE-2022-0306: chromium - Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a ...
Scope: local
bookworm: resolved (fixed in 97.0.4692.99-1)
bullseye: resolved (fixed in 97.0.4692.99-1~deb11u2)
forky: resolved (fixed in 97.0.4692.99-1)
sid: resolved (fixed in 97.0.4692.99-1)
trixie: resolved (fixed in 97.0.4692.99-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
- http://packetstormsecurity.com/files/166367/Chrome-chrome_pdf-PDFiumEngine-RequestThumbnail-Heap-Buffer-Overflow.html
- https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html
- https://crbug.com/1283198
Published: 2022-02-12