Issued: Thursday, 27 October, 2022 |
Last Revision: Thursday, 27 October, 2022 |
Vendor: |
Product: |
Severity Level: |
Google this week announced the release of Chrome 107 to the stable channel, with patches for 14 vulnerabilities, including high – severity issues among which ten security issues were reported externally: three was reported as high – severity, six medium – severity, and one low – severity issue.
To exploit these flaws, a remote attacker needs to trick a user into accessing a specially crafted webpage in a vulnerable browser. Successful exploitation could allow the attacker to execute arbitrary code or cause a denial-of-service (DoS) condition on the affected system.
| CVE/Vulnerability | Description | Severity | Exploitable |
| |
| CVE-2022-3652 | Type Confusion in V8 | High | No |
| |
| CVE-2022-3653 | Heap buffer overflow in Vulkan. | High | No |
| |
| CVE-2022-3654 | Use after free in Layout. | High | No |
| |
Table 1: Vulnerability details
|
| |||
| CVE/Vulnerability | Product(s) Detail |
| |
| CVE-2022-3652 CVE-2022-3653 CVE-2022-3654 | Chrome 107.0.5304.62 for Mac, 107.0.5304.68 for Linux and 107.0.5304.62/63 Windows |
| |
Table 2: Vulnerable versions
We Recommend entities to update to latest version. Chrome on Mac, Linux, and Windows users as to versions 107.0.5304.62, 107.0.5304.68, and 107.0.5304.62/63, respectively.