Google addressed an array of bugs with Chrome 108

Threat Advisories

Google addressed an array of bugs with Chrome 108

Threat Level
Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

Google Chrome’s latest stable channel update for Windows, Mac, and Linux fixes several vulnerabilities.

There are eight high-severity security flaws and 14 medium-severity flaws. The most significant of these flaws is CVE-2022-4174, a type confusion flaw in the web browser’s V8 JavaScript engine that, when exploited, allows arbitrary code to be executed on the target device. Lacros Graphics was found to have an out-of-bounds write, while the use-after-free trigger error obtained access to sensitive information. These weaknesses affect Chrome components such as Camera Capture, Extensions Mojo, Audio, and Forms.