CVE-2022-2998
published 2022-09-26CVE-2022-2998: Use after free in Browser Creation in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who had convinced a user to engage in a specific UI…
PriorityP359high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
30.26%
98.0th percentile
Use after free in Browser Creation in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who had convinced a user to engage in a specific UI interaction to potentially exploit heap corruption via a crafted HTML page.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chromium | chromium | >= 0 < 104.0.5112.101-1~deb11u1 | 104.0.5112.101-1~deb11u1 |
| chromium | chromium | >= 0 < 104.0.5112.101-1 | 104.0.5112.101-1 |
| chromium | chromium | >= 0 < 104.0.5112.101-1 | 104.0.5112.101-1 |
| chromium | chromium | >= 0 < 104.0.5112.101-1 | 104.0.5112.101-1 |
| debian | chromium | < chromium 104.0.5112.101-1 (bookworm) | chromium 104.0.5112.101-1 (bookworm) |
| chrome | < 104.0.5112.101 | 104.0.5112.101 | |
| chrome | >= unspecified < 104.0.5112.101 | 104.0.5112.101 | |
| chrome_chrome | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH
vendor_debian8.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Chrome
Long Term Support Candidate Channel for ChromeOS: CVE-2022-2998
vendor_chrome·2022-09-09·CVSS 8.8
CVE-2022-2998 [HIGH] Long Term Support Candidate Channel for ChromeOS: CVE-2022-2998
Long Term Support Candidate Channel for ChromeOS
CVE-2022-2998
Chrome
Stable Channel Update for Desktop: CVE-2022-2856
vendor_chrome·2022-08-16·CVSS 6.5
CVE-2022-2856 [HIGH] Stable Channel Update for Desktop: CVE-2022-2856
Stable Channel Update for Desktop
CVE-2022-2856: Insufficient validation of untrusted input in Intents. Reported by Ashley Shen and Christian Resell of Google Threat Analysis Group on 2022-07-19 [$NA][ 1329794 ] High CVE-2022-2998: Use after free in Browser Creation
Reported by Sergei Glazunov of Google Project Zero on 2022-05-27 [$3000][ 1338412 ] Medium CVE-2022-2859: Use after free in Chrome OS Shell
Severity: high
Debian
CVE-2022-2998: chromium - Use after free in Browser Creation in Google Chrome prior to 104.0.5112.101 allo...
vendor_debian·2022·CVSS 8.8
CVE-2022-2998 [HIGH] CVE-2022-2998: chromium - Use after free in Browser Creation in Google Chrome prior to 104.0.5112.101 allo...
Use after free in Browser Creation in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who had convinced a user to engage in a specific UI interaction to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 104.0.5112.101-1)
bullseye: resolved (fixed in 104.0.5112.101-1~deb11u1)
forky: resolved (fixed in 104.0.5112.101-1)
sid: resolved (fixed in 104.0.5112.101-1)
trixie: resolved (fixed in 104.0.5112.101-1)
GHSA
GHSA-f84q-wwjh-mq43: Use after free in Browser Creation in Google Chrome prior to 104
ghsa_unreviewed·2022-09-27
CVE-2022-2998 [HIGH] CWE-416 GHSA-f84q-wwjh-mq43: Use after free in Browser Creation in Google Chrome prior to 104
Use after free in Browser Creation in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who had convinced a user to engage in a specific UI interaction to potentially exploit heap corruption via a crafted HTML page.
OSV
CVE-2022-2998: Use after free in Browser Creation in Google Chrome prior to 104
osv·2022-09-26·CVSS 8.8
CVE-2022-2998 [HIGH] CVE-2022-2998: Use after free in Browser Creation in Google Chrome prior to 104
Use after free in Browser Creation in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who had convinced a user to engage in a specific UI interaction to potentially exploit heap corruption via a crafted HTML page.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-09-26
Published