CVE-2022-4906
published 2023-07-29CVE-2022-4906: Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to perform arbitrary read/write via a crafted HTML…
PriorityP258high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
12.96%
95.8th percentile
Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chromium | chromium | >= 0 < 108.0.5359.71-2~deb11u1 | 108.0.5359.71-2~deb11u1 |
| chromium | chromium | >= 0 < 108.0.5359.71-1 | 108.0.5359.71-1 |
| chromium | chromium | >= 0 < 108.0.5359.71-1 | 108.0.5359.71-1 |
| chromium | chromium | >= 0 < 108.0.5359.71-1 | 108.0.5359.71-1 |
| debian | chromium | < chromium 108.0.5359.71-1 (bookworm) | chromium 108.0.5359.71-1 (bookworm) |
| chrome | < 108.0.5359.71 | 108.0.5359.71 | |
| chrome | >= 108.0.5359.71 < 108.0.5359.71 | 108.0.5359.71 | |
| chrome_chrome | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability exists in Google Chrome versions prior to 108.0.5359.71 in the Blink rendering engine; detect outdated Chrome installations below this version ↗
- →Attack vector is a crafted HTML page delivered remotely; monitor for suspicious HTML content triggering anomalous read/write behavior in browser processes ↗
- ·Fixed version is 108.0.5359.71; Debian packages vary by release branch but all resolve to this upstream version or its backport ↗
- ·Debian scope is listed as 'local' in the security tracker, which may affect prioritization in local-only deployment contexts ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH
vendor_debian8.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-vpq5-jqf8-qwgm: Inappropriate implementation in Blink in Google Chrome prior to 108
ghsa_unreviewed·2023-07-29
CVE-2022-4906 [HIGH] GHSA-vpq5-jqf8-qwgm: Inappropriate implementation in Blink in Google Chrome prior to 108
Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
OSV
CVE-2022-4906: Inappropriate implementation in Blink in Google Chrome prior to 108
osv·2023-07-29·CVSS 8.8
CVE-2022-4906 [HIGH] CVE-2022-4906: Inappropriate implementation in Blink in Google Chrome prior to 108
Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
Project0
Project Zero RCA: CVE-2022-3723: Logic Issue in Turbofan JIT Compiler
project_zero·CVSS 8.8
CVE-2022-3723 [HIGH] Project Zero RCA: CVE-2022-3723: Logic Issue in Turbofan JIT Compiler
# CVE-2022-3723: Logic Issue in Turbofan JIT Compiler
*Samuel Groß, V8 Security*
## The Basics
**Disclosure or Patch Date:** 27 October 2022
**Product:** Google Chrome
**Advisory:** https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_27.html
**Affected Versions:** 107.0.5304.62 and previous
**First Patched Version:** 107.0.5304.87
**Issue/Bug Report:** https://bugs.chromium.org/p/chromium/issues/detail?id=1378239 (Embargoed)
**Patch CL:** https://chromium.googlesource.com/v8/v8/+/db83e72034c0d431ff2f73e3c4ae3130c0f3e4e1
**Bug-Introducing CL:** N/A
**Reporter(s):** Jan Vojtěšek, Milánek, and Przemek Gmerek of Avast
## The Code
**Proof-of-concept:**
```javascript
// --expose-gc --allow-natives-syntax
function setInnerProperty(o) {
o.inner.foo = {};
}
Chrome
Stable Channel Update for Desktop: CVE-2023-7012
vendor_chrome·2023-09-12·CVSS 4.3
CVE-2023-7012 [MEDIUM] Stable Channel Update for Desktop: CVE-2023-7012
Stable Channel Update for Desktop
CVE-2023-7012: Insufficient data validation in Permission Prompts. Reported by koocola (@alo_cook) and Nan Wang (@eternalsakura13) of 360 Alpha Lab on 2022-10-28 [$6000][ 1449874 ] Low CVE-2023-4906: Insufficient policy enforcement in Autofill
Reported by Ahmed ElMasry on 2023-05-30 [$2000][ 1462104 ] Low CVE-2023-4907: Inappropriate implementation in Intents
Severity: medium
Chrome
Stable Channel Update for Desktop: CVE-2022-4180
vendor_chrome·2022-11-29·CVSS 8.8
CVE-2022-4180 [HIGH] Stable Channel Update for Desktop: CVE-2022-4180
Stable Channel Update for Desktop
CVE-2022-4180: Use after free in Mojo. Reported by Anonymous on 2022-10-26 [$NA] [ 1382434 ] High CVE-2022-4906: Inappropriate implementation in Blink
Reported by Sergei Glazunov of Google Project Zero on 2022-11-08 [$TBD][ 1382581 ] High CVE-2022-4181: Use after free in Forms
Severity: high
Debian
CVE-2022-4906: chromium - Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 al...
vendor_debian·2022·CVSS 8.8
CVE-2022-4906 [HIGH] CVE-2022-4906: chromium - Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 al...
Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 108.0.5359.71-1)
bullseye: resolved (fixed in 108.0.5359.71-2~deb11u1)
forky: resolved (fixed in 108.0.5359.71-1)
sid: resolved (fixed in 108.0.5359.71-1)
trixie: resolved (fixed in 108.0.5359.71-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop_29.htmlhttps://crbug.com/1382434https://lists.fedoraproject.org/archives/list/[email protected]/message/2LE64KGGOISKPKMYROSDT4K6QFVDIRF6/https://lists.fedoraproject.org/archives/list/[email protected]/message/B6SAST6CB5KKCQKH75ER2UQ3ICYPHCIZ/https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop_29.htmlhttps://crbug.com/1382434https://lists.fedoraproject.org/archives/list/[email protected]/message/2LE64KGGOISKPKMYROSDT4K6QFVDIRF6/https://lists.fedoraproject.org/archives/list/[email protected]/message/B6SAST6CB5KKCQKH75ER2UQ3ICYPHCIZ/
2023-07-29
Published