CVE-2022-4176

Severity CVSS v4.0:
Pending analysis
Type:
CWE-787 Out-of-bounds Write
Publication date:
30/11/2022
Last modified:
25/11/2023

Description

Out of bounds write in Lacros Graphics in Google Chrome on Chrome OS and Lacros prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. (Chromium security severity: High)

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* 108.0.5359.71 (excluding)
cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*
cpe:2.3:o:google:linux_and_chrome_os:-:*:*:*:*:*:*:*