News

Google actively patches exploited vulnerability in Chrome’s WebRTC component

By admin
Spread the love

Google has fixed a vulnerability in Chrome that was being actively exploited. The zeroday was in the WebRTC component. It was a heap-based buffer overflow discovered a few days ago.

The vulnerability is registered as CVE-2022-2294. Details about the bug have not yet been announced. google writes in a short blog post that the bug was discovered on July 1 by security company Avast. It would be a heap-based buffer overflow in the WebRTC component that is rated ‘High’. Heap-based buffer overflow allows for different types of attacking actions, from crashing programs to executing code. What exactly was done with this bug is unknown. According to Google, the zeroday was actively abused, but details are also lacking.

The bug has been fixed in Chrome 103.0.5060.114 for Windows and Chrome 103.0.5060.71 for Android. Two other vulnerabilities are also fixed in that version. Those are CVE-2022-2295 and CVE-2022-2296. The first is a type confusion in Chrome’s V8 engine, the second is a use-after-free vulnerability in Chrome OS shell.

You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Brave sells web content as data for AI training

News

Firefox beta has support for Nvidia video upscaling technique

News

AMD: Intel’s proposal for 64bit-only x86 architecture is very interesting

News

Microsoft releases new font for Word, Outlook, PowerPoint and Excel