First published: Tue Jul 26 2022(Updated: )
Out of bounds memory access in UI Shelf in Google Chrome on Chrome OS, Lacros prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific user interactions.
Credit: chrome-cve-admin@google.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Chrome | <101.0.4951.41 | |
Google Chrome OS |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-1489 is a vulnerability that allows a remote attacker to potentially exploit heap corruption in UI Shelf in Google Chrome on Chrome OS Lacros prior to 101.0.4951.41 via specific user interactions.
CVE-2022-1489 has a severity rating of 8.8 (high).
A remote attacker can potentially exploit CVE-2022-1489 by performing specific user interactions that trigger out of bounds memory access in UI Shelf in Google Chrome on Chrome OS Lacros.
No, Google Chrome OS is not affected by CVE-2022-1489.
To fix CVE-2022-1489, you should update Google Chrome on Chrome OS Lacros to version 101.0.4951.41 or later.