CVE-2022-4918: Use after free in UI

Reference Links

• https://crbug.com/1315102
• https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_24.html (Advisory)
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PQKT7EGDD2P3L7S3NXEDDRCPK4NNZNWJ/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YKLJ3B3D5BCVWE3QNP4N7HHF26OHD567/

Parent vulnerabilities

(Appears in the following advisories)

• 1503472642066069577

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2022-1853
• CVE-2022-1854
• CVE-2022-1855
• CVE-2022-1856
• CVE-2022-1857
• CVE-2022-1858
• CVE-2022-1859
• CVE-2022-1860
• CVE-2022-1861
• CVE-2022-1862
• CVE-2022-1863
• CVE-2022-1864
• CVE-2022-1865
• CVE-2022-1866
• CVE-2022-1867
• CVE-2022-1868
• CVE-2022-1869
• CVE-2022-1870
• CVE-2022-1871
• CVE-2022-1872
• CVE-2022-1873
• CVE-2022-1874
• CVE-2022-1875
• CVE-2022-1876

Frequently Asked Questions

• What is the severity of CVE-2022-4918?

  CVE-2022-4918 has a medium severity rating according to Chromium security standards.

• How do I fix CVE-2022-4918?

  To fix CVE-2022-4918, update Google Chrome to version 102.0.5005.61 or later.

• What are the potential impacts of CVE-2022-4918?

  CVE-2022-4918 may allow a remote attacker to perform arbitrary read and write operations via a crafted HTML page.

• Which versions of Google Chrome are affected by CVE-2022-4918?

  CVE-2022-4918 affects all versions of Google Chrome prior to 102.0.5005.61.

• Is CVE-2022-4918 being actively exploited?

  There is no public indication that CVE-2022-4918 is actively being exploited in the wild.