Actively Exploited Zero-Day Bug in Chrome

Threat Advisories

Actively Exploited Zero-Day Bug in Chrome

Threat Level
Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

CVE-2022-4135 is a high-severity heap buffer overflow issue that affects the GPU component. The fault is caused by a boundary error in the GPU while processing untrusted HTML input. An attacker who has infiltrated the renderer process may be able to escape the sandbox and execute arbitrary code on the target machine through a fabricated HTML page.