Advisory for Google Chrome Security Updates

  • NIC-CERT/2022-10/433
  • Date: 2022-10-12
  • CVE ID: Multiple
  • Severity: High
  1. Description:

Google has released that Stable channel has been updated to 106.0.5249.119 for Windows, Mac, and Linux,

  1. Security Issues Fixed:

Google update includes several security fixes in this release which includes vulnerabilities like Heap buffer overflow in WebSQL, use after free in Skia, Permission API, Safe Browsing.

  1. Affected Products, CVE IDs and Solution:

This update includes 6 security fixes. Below, we highlight fixes that were contributed by external researchers.

  1. CVE IDs:

CVE ID

Description

CVE-2022-3445

Use after free in Skia

CVE-2022-3446

Heap buffer overflow in WebSQL

CVE-2022-3447

Inappropriate implementation in Custom Tabs

CVE-2022-3448

Use after free in Permissions API

CVE-2022-3449

Use after free in Safe Browsing

CVE-2022-3450

Use after free in Peer Connection

  1. References:

https://chromereleases.googleblog.com/