Debian Chromium vulnerabilities
2,176 known vulnerabilities affecting debian/chromium.
Total CVEs: 2,176
CISA KEV: 65 (actively exploited)
Public exploits: 14
Exploited in wild: 56
Severity breakdown: CRITICAL 102, HIGH 1256, MEDIUM 754, LOW 56, UNKNOWN 8
Vulnerabilities
Page 46 of 109
CVE-2022-3890 | CRITICAL | CVSS 9.6 | fixed in chromium 107.0.5304.110-1 (bookworm) | 2022
Heap buffer overflow in Crashpad in Google Chrome on Android prior to 107.0.5304.106 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 107.0.5304.110-1)
bullseye: resolved (fixed in 107.0.5304.110-1~deb11u1
CVE-2022-4135 | CRITICAL | CVSS 9.6 | KEV | fixed in chromium 107.0.5304.121-1 (bookworm) | 2022
Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 107.0.5304.121-1)
bullseye: resolved (fixed in 107.0.5304.121-1~deb11u1)
forky: resolve
CVE-2022-1312 | CRITICAL | CVSS 9.6 | fixed in chromium 100.0.4896.88-1 (bookworm) | 2022
Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
Scope: local
bookworm: resolved (fixed in 100.0.4896.88-1)
bullseye: resolved (fixed in 100.0.4896.88-1~deb11u1)
forky: resolved (fixed in 100.0.4896.88-
CVE-2022-2010 | CRITICAL | CVSS 9.3 | fixed in chromium 102.0.5005.115-1 (bookworm) | 2022
Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 102.0.5005.115-1)
bullseye: resolved (fixed in 102.0.5005.115-1~deb11u1)
forky: resolved (fixed in 102.0.5005.115-1)
CVE-2022-1853 | CRITICAL | CVSS 9.6 | fixed in chromium 102.0.5005.61-1 (bookworm) | 2022
Use after free in Indexed DB in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 102.0.5005.61-1)
bullseye: resolved (fixed in 102.0.5005.61-1~deb11u1)
forky: resolved (fixed in 102.0.5005.61-1)
sid: resolved (fixed in 102.0.5005.61-1)
trixie:
CVE-2022-0466 | CRITICAL | CVSS 9.6 | fixed in chromium 98.0.4758.80-1 (bookworm) | 2022
Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 98.0.4758.80-1)
bullseye: resolved (fixed in 98.0.4758.80-1~deb11u1)
forky: resolved (fixed i
CVE-2022-2623 | HIGH | CVSS 8.8 | fixed in chromium 104.0.5112.79-1 (bookworm) | 2022
Use after free in Offline in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.
Scope: local
bookworm: resolved (fixed in 104.0.5112.79-1)
bullseye: resolved (fixed in 104.0.5112.79-1~deb11u1)
forky: resolved (fixed
CVE-2022-3050 | HIGH | CVSS 8.8 | fixed in chromium 105.0.5195.52-1 (bookworm) | 2022
Heap buffer overflow in WebUI in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions.
Scope: local
bookworm: resolved (fixed in 105.0.5195.52-1)
bullseye: resolved (fixed in 105.0.5195.52-1~deb11u1)
forky: resolved (fix
CVE-2022-0099 | HIGH | CVSS 8.8 | fixed in chromium 97.0.4692.71-0.1 (bookworm) | 2022
Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.
Scope: local
bookworm: resolved (fixed in 97.0.4692.71-0.1)
bullseye: resolved (fixed in 97.0.4692.71-0.1~deb11u1)
forky: resolved (fixed in 97.0.4692.71-0.1
CVE-2022-0809 | HIGH | CVSS 8.8 | fixed in chromium 99.0.4844.51-1 (bookworm) | 2022
Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 99.0.4844.51-1)
bullseye: resolved (fixed in 99.0.4844.51-1~deb11u1)
forky: resolved (fixed in 99.0.4844.51-1)
sid: resolved (fixed in 99.0.4844.51-1)
trixie: re
CVE-2022-2617 | HIGH | CVSS 8.8 | fixed in chromium 104.0.5112.79-1 (bookworm) | 2022
Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions.
Scope: local
bookworm: resolved (fixed in 104.0.5112.79-1)
bullseye: resolved (fixed in 104.0.5112.79-1~deb11u1)
forky: resolved (fixed in 104.0.5112.79-
CVE-2022-3658 | HIGH | CVSS 8.8 | fixed in chromium 107.0.5304.68-1 (bookworm) | 2022
Use after free in Feedback service on Chrome OS in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)
Scope: local
bookworm: resolved (fixed in 107.0.5304.68-1)
bullseye: resolved (fixed in 1
CVE-2022-0808 | HIGH | CVSS 8.8 | fixed in chromium 99.0.4844.51-1 (bookworm) | 2022
Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions.
Scope: local
bookworm: resolved (fixed in 99.0.4844.51-1)
bullseye: resolved (fixed in 99.0.4844.51-1~deb11u1)
forky: resolved (fixe
CVE-2022-0307 | HIGH | CVSS 8.8 | fixed in chromium 97.0.4692.99-1 (bookworm) | 2022
Use after free in Optimization Guide in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 97.0.4692.99-1)
bullseye: resolved (fixed in 97.0.4692.99-1~deb11u2)
forky: resolved (fixed in 97.0.4
CVE-2022-4438 | HIGH | CVSS 8.8 | fixed in chromium 108.0.5359.124-1 (bookworm) | 2022
Use after free in Blink Frames in Google Chrome prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 108.0.5359.124-1)
bullseye: resolved (fixed in 108.0.5359.124-1~deb11
CVE-2022-0311 | HIGH | CVSS 8.8 | fixed in chromium 97.0.4692.99-1 (bookworm) | 2022
Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 97.0.4692.99-1)
bullseye: resolved (fixed in 97.0.4692.99-1~deb11u2)
forky: resolved (fixed in 97.0.4
CVE-2022-0467 | HIGH | CVSS 8.8 | fixed in chromium 98.0.4758.80-1 (bookworm) | 2022
Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 98.0.4758.80-1)
bullseye: resolved (fixed in 98.0.4758.80-1~deb11u1)
forky: resolved (fixed in 98.0.4758.80-1)
sid: resolved (fixed in 98.0.4758.80
CVE-2022-0103 | HIGH | CVSS 8.8 | fixed in chromium 97.0.4692.71-0.1 (bookworm) | 2022
Use after free in SwiftShader in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 97.0.4692.71-0.1)
bullseye: resolved (fixed in 97.0.4692.71-0.1~deb11u1)
forky: resolved (fixed in 97.0.4692.71-0.1)
sid: resolved (fixed in 97.0.4692.71-0.1)
trixie: r
CVE-2022-1641 | HIGH | CVSS 8.8 | fixed in chromium 101.0.4951.64-1 (bookworm) | 2022
Use after free in Web UI Diagnostics in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interaction.
Scope: local
bookworm: resolved (fixed in 101.0.4951.64-1)
bullseye: resolved (fixed in 101.0.4951.64-1~deb11u1)
forky: reso
CVE-2022-0974 | HIGH | CVSS 8.8 | fixed in chromium 99.0.4844.74-1 (bookworm) | 2022
Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 99.0.4844.74-1)
bullseye: resolved (fixed in 99.0.4844.74-1~deb11u1)
forky: resolved (fixed in