What is CVE-2022-3043?

CVE-2022-3043 is a heap buffer overflow vulnerability in Screen Capture in Google Chrome on Chrome OS prior to version 105.0.5195.52.

How does CVE-2022-3043 affect Google Chrome?

CVE-2022-3043 allows a remote attacker to potentially exploit heap corruption in Google Chrome by convincing a user to engage in specific UI interactions via a crafted HTML page.

What is the severity of CVE-2022-3043?

The severity of CVE-2022-3043 is rated as high with a CVSS score of 8.8.

How can I fix CVE-2022-3043?

To fix CVE-2022-3043, update Google Chrome on Chrome OS to version 105.0.5195.52 or later.

Where can I find more information about CVE-2022-3043?

You can find more information about CVE-2022-3043 in the references: [Link 1](https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html), [Link 2](https://crbug.com/1336979), [Link 3](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/)

Vulnerability/
CVE-2022-3043

high

8.8

CWE

119 787

16/6/2022

27/10/2022

CVE-2022-3043: Heap buffer overflow in Screen Capture

First published: Thu Jun 16 2022(Updated: )

Heap buffer overflow in Screen Capture in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.

Credit: @ginggilBesel chrome-cve-admin@google.com

Affected Software	Affected Version	How to fix
Google Chrome	<105.0.5195.52
Google Chrome OS
Fedoraproject Fedora	=37
Google Chrome	<105.0.5195.52	105.0.5195.52

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

6098751293474831349

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

What is CVE-2022-3043?
CVE-2022-3043 is a heap buffer overflow vulnerability in Screen Capture in Google Chrome on Chrome OS prior to version 105.0.5195.52.
How does CVE-2022-3043 affect Google Chrome?
CVE-2022-3043 allows a remote attacker to potentially exploit heap corruption in Google Chrome by convincing a user to engage in specific UI interactions via a crafted HTML page.
What is the severity of CVE-2022-3043?
The severity of CVE-2022-3043 is rated as high with a CVSS score of 8.8.
How can I fix CVE-2022-3043?
To fix CVE-2022-3043, update Google Chrome on Chrome OS to version 105.0.5195.52 or later.
Where can I find more information about CVE-2022-3043?
You can find more information about CVE-2022-3043 in the references: [Link 1](https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html), [Link 2](https://crbug.com/1336979), [Link 3](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/)

agent/author
agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/remedy
agent/severity
agent/softwarecombine
agent/tags
agent/title
agent/type
agent/weakness
collector/chrome-releases
agent/software-canonical-lookup-request
agent/software-canonical-lookup
collector/nvd-index
vendor/google
canonical/google chrome
canonical/google chrome os
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/37