Issued: Wednesday, 6 July, 2022 |
Last Revision: Thursday, 7 July, 2022 |
Vendor: |
Product: |
Severity Level: |
Summary:
Google has released Chrome version 103 (103.0.5060.71) for Android and version 103.0.5060.114 for Windows and Mac to resolve a vulnerability for which a public exploit code already exists. The security issue is described as a “Heap buffer overflow in WebRTC” and is tagged as CVE-2022-2294.
With this release, a number of fixes and improvements have been made, including the performance, stability, and security upgrades.
According to its security update, Google is aware that an exploit for CVE-2022-0609 exists in the wild.
Vulnerability Details:
| CVE/Vulnerability | Description | CVSS 3.0 Score |
| CVE-2022-2294 | Heap buffer overflow in WebRTC | N/A |
Affected Products:
| CVE/Vulnerability | Affected Product(s) |
| CVE-2022-2294 | Chrome for Android versions prior to 103.0.5060.71 Chrome for Windows versions prior to 103.0.5060.114 Chrome for Windows and Mac versions prior to 102.0.5005.148 |
Recommendation:
Organizations are encouraged to apply the stable channel 103 (103.0.5060.71) for Android and version 103.0.5060.114 for Windows and Mac to fix the exploited vulnerability