What is CVE-2022-3051?

CVE-2022-3051 is a heap buffer overflow vulnerability in Exosphere in Google Chrome on Chrome OS, Lacros prior to version 105.0.5195.52.

What is the severity of CVE-2022-3051?

CVE-2022-3051 has a severity rating of 8.8 (high).

How can I fix CVE-2022-3051?

To fix CVE-2022-3051, update Google Chrome on Chrome OS, Lacros to version 105.0.5195.52 or later.

Are there any references for CVE-2022-3051?

Yes, you can find more information about CVE-2022-3051 at the following references: - [Google Chrome Releases](https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html) - [Chromium Bug Tracker](https://crbug.com/1345245) - [Fedora Project](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/)

Vulnerability/
CVE-2022-3051

high

8.8

CWE

787 119

18/7/2022

26/9/2022

3/8/2024

CVE-2022-3051: Heap buffer overflow in Exosphere

Q: How does CVE-2022-3051 affect Google Chrome?

CVE-2022-3051 allows a remote attacker who convinces a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions in Google Chrome on Chrome OS, Lacros prior to version 105.0.5195.52.

First published: Mon Jul 18 2022(Updated: )

Heap buffer overflow in Exosphere in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions.

Credit: @ginggilBesel chrome-cve-admin@google.com

Affected Software	Affected Version	How to fix
Google Chrome	<105.0.5195.52
Google Chrome OS
Google Linux And Chrome Os
Fedoraproject Fedora	=37
Google Chrome	<105.0.5195.52	105.0.5195.52

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

6098751293474831349

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

What is CVE-2022-3051?
CVE-2022-3051 is a heap buffer overflow vulnerability in Exosphere in Google Chrome on Chrome OS, Lacros prior to version 105.0.5195.52.
What is the severity of CVE-2022-3051?
CVE-2022-3051 has a severity rating of 8.8 (high).
How does CVE-2022-3051 affect Google Chrome?
CVE-2022-3051 allows a remote attacker who convinces a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions in Google Chrome on Chrome OS, Lacros prior to version 105.0.5195.52.
How can I fix CVE-2022-3051?
To fix CVE-2022-3051, update Google Chrome on Chrome OS, Lacros to version 105.0.5195.52 or later.
Are there any references for CVE-2022-3051?
Yes, you can find more information about CVE-2022-3051 at the following references: - [Google Chrome Releases](https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html) - [Chromium Bug Tracker](https://crbug.com/1345245) - [Fedora Project](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/)

agent/type
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
collector/nvd-index
agent/software-canonical-lookup-request
agent/references
agent/author
agent/severity
agent/weakness
agent/description
agent/event
agent/title
collector/chrome-releases
agent/software-canonical-lookup
agent/tags
collector/mitre-cve
source/MITRE
vendor/google
canonical/google chrome
canonical/google chrome os
canonical/google linux and chrome os
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/37