CVE-2022-3038
Published: 2022-09-26
Priority: P1 · 85 · high · 8.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA Known Exploited Vulnerability (KEV), due 2023-04-20
Exploited in the wild (ITW)
EPSS: 24.74% (97.6th percentile)
Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chromium | chromium | >= 0 < 105.0.5195.52-1~deb11u1 | 105.0.5195.52-1~deb11u1 |
| chromium | chromium | >= 0 < 105.0.5195.52-1 | 105.0.5195.52-1 |
| chromium | chromium | >= 0 < 105.0.5195.52-1 | 105.0.5195.52-1 |
| chromium | chromium | >= 0 < 105.0.5195.52-1 | 105.0.5195.52-1 |
| debian | chromium | < chromium 105.0.5195.52-1 (bookworm) | chromium 105.0.5195.52-1 (bookworm) |
| fedoraproject | fedora | — | — |
| — | chrome | < 105.0.5195.52 | 105.0.5195.52 |
| — | chrome | >= unspecified < 105.0.5195.52 | 105.0.5195.52 |
| — | chrome_chrome | — | — |
| msrc | microsoft_edge | — | — |
Detection & IOCs (extracted from sources)
- Exploitation vector is a crafted HTML page delivered remotely, triggering a use-after-free in the Network Service process of Chromium-based browsers
- CVE-2022-3038 is listed in CISA KEV as actively exploited; prioritize detection and patching across all Chromium-based browsers (Chrome, Edge, Opera)
- Vulnerability is fixed in Google Chrome 105.0.5195.52 and later; versions prior to this are affected
- Debian packages resolved in chromium 105.0.5195.52-1 across bookworm, bullseye, forky, sid, and trixie
CVSS provenance
nvd · v3.1 · 8.8 · HIGH · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv · 8.8 · HIGH
vulncheck · 8.8 · HIGH
cisa · 8.8 · HIGH
vendor_debian · 8.8 · HIGH
vendor_msrc · 8.8 · HIGH
Project0
Analyzing a Modern In-the-wild Android Exploit - Project Zero
project_zero·2023-09-01·CVSS 7.8
CVE-2022-22706 [HIGH] Analyzing a Modern In-the-wild Android Exploit - Project Zero
By Seth Jenkins, Project Zero
## Introduction
In December 2022, Google’s Threat Analysis Group (TAG) discovered an in-the-wild exploit chain targeting Samsung Android devices. TAG’s blog post covers the targeting and the actor behind the campaign. This is a technical analysis of the final stage of one of the exploit chains, specifically CVE-2023-0266 (a 0-day in the ALSA compatibility layer) and CVE-2023-26083 (a 0-day in the Mali GPU driver) as well as the techniques used by the attacker to gain kernel arbitrary read/write access.
Notably, several of the previous stages of the exploit chain used n-day vulnerabilities:
- CVE-2022-4262, a 0-day vulnerability in Chrome was exploited in the Samsung browser to achieve RCE.
- CVE-2022-3038, a Chrome n-day that unpatched in the Samsung
GHSA
GHSA-r8h7-mp45-wq8g: Use after free in Network Service in Google Chrome prior to 105
ghsa_unreviewed·2022-09-27
CVE-2022-3038 [HIGH] CWE-416 GHSA-r8h7-mp45-wq8g: Use after free in Network Service in Google Chrome prior to 105
Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
OSV
CVE-2022-3038: Use after free in Network Service in Google Chrome prior to 105
osv·2022-09-26·CVSS 8.8
CVE-2022-3038 [HIGH] CVE-2022-3038: Use after free in Network Service in Google Chrome prior to 105
Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
VulnCheck
Google Chromium Network Service Use-After-Free Vulnerability
vulncheck·2022·CVSS 8.8
CVE-2022-3038 [HIGH] CWE-416 Google Chromium Network Service Use-After-Free Vulnerability
Google Chromium Network Service contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Affected: Google Chromium Network Service
Required Action: Apply updates per vendor instructions.
Exploitation References: https://blog.google/threat-analysis-group/spyware-vendors-use-0-days-and-n-days-against-popular-platforms/; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json; https://googleprojectzero.blogspot.com/2023/09/analyzing-modern-in-wild-android-exploit.html; https://t
Project0
Project Zero RCA: CVE-2022-4262: Incorrect Bytecode Generation by JavaScript Parser
project_zero·CVSS 8.8
CVE-2022-4262 [HIGH] Project Zero RCA: CVE-2022-4262: Incorrect Bytecode Generation by JavaScript Parser
# CVE-2022-4262: Incorrect Bytecode Generation by JavaScript Parser
*Samuel Groß, V8 Security*
## The Basics
**Disclosure or Patch Date:** 2 December 2022
**Product:** Google Chrome
**Advisory:** https://chromereleases.googleblog.com/2022/12/stable-channel-update-for-desktop.html
**Affected Versions:** 108.0.5359.71 and previous
**First Patched Version:** 108.0.5359.94
**Issue/Bug Report:** https://bugs.chromium.org/p/chromium/issues/detail?id=1394403
**Patch CL:** https://chromium.googlesource.com/v8/v8/+/27fa951ae4a3801126e84bc94d5c82dd2370d18b
**Bug-Introducing CL:** N/A
**Reporter(s):** Clement Lecigne of Google's Threat Analysis Group
## The Code
**Proof-of-concept:**
```javascript
let alloc = function() {
    let tt = new ArrayBuffer(31 * 1024 * 1024 * 1024);
    tt = new ArrayBu
```
CISA
Google Chromium Network Service Use-After-Free Vulnerability
cisa·2023-03-30·CVSS 8.8
CVE-2022-3038 [HIGH] CWE-416 Google Chromium Network Service Use-After-Free Vulnerability
Vulnerability: Google Chromium Network Service Use-After-Free Vulnerability
Affected: Google Chromium Network Service
Google Chromium Network Service contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action: Apply updates per vendor instructions.
Notes: https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html; https://nvd.nist.gov/vuln/detail/CVE-2022-3038
Remediation Due Date: 2023-04-20
Chrome
Long Term Support Channel Update for ChromeOS: CVE-2022-3038
vendor_chrome·2022-11-30·CVSS 8.8
CVE-2022-3038 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2022-3038
Long Term Support Channel Update for ChromeOS
CVE-2022-3038
Microsoft
Chromium: CVE-2022-3038 Use after free in Network Service
vendor_msrc·2022-09-13·CVSS 8.8
CVE-2022-3038 [HIGH] Chromium: CVE-2022-3038 Use after free in Network Service
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
Click on Help and Feedback
Click on About Microsoft Edge
Debian
CVE-2022-3038: chromium - Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowe...
vendor_debian·2022·CVSS 8.8
CVE-2022-3038 [HIGH] CVE-2022-3038: chromium - Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowe...
Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 105.0.5195.52-1)
bullseye: resolved (fixed in 105.0.5195.52-1~deb11u1)
forky: resolved (fixed in 105.0.5195.52-1)
sid: resolved (fixed in 105.0.5195.52-1)
trixie: resolved (fixed in 105.0.5195.52-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
- http://packetstormsecurity.com/files/168596/Google-Chrome-103.0.5060.53-network-URLLoader-NotifyCompleted-Heap-Use-After-Free.html
- https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html
- https://crbug.com/1340253
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/
- https://security.gentoo.org/glsa/202209-23
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-3038
2022-09-26: Published
2023-03-30: Added to CISA KEV
Exploited in the wild