What just happened? Google just released an emergency security update to patch a newly discovered vulnerability in the Chrome web browser. The buffer overflow vulnerability was discovered by Clément Lecigne, a member of the Google Threat Analysis Group (TAG). Google acknowledged the issue and pledged to withhold further details about the vulnerability until the patch has been widely deployed.
The new vulnerability, categorized as CVE-2022-4135, is a heap buffer overflow in Chrome's GPU component that can allow malicious actors to gain unauthorized access to information, crash the application, or potentially execute arbitrary code on the target machine.
Google's TAG acknowledged the vulnerability in a recent stable channel update that was deployed to prevent further exploitation. Google engineers updated the stable channel to version 107.0.5304.121 for Mac and Linux systems and to 107.0.5304.121/.122 for Windows-based systems. A list of all associated updates and release notes can be found in Chromium's release logs.
The finding marks the software giant's eighth zero-day vulnerability of 2022. Previously patched vulnerabilities included:
- CVE-2022-3723 - Type confusion in V8
- CVE-2022-3075 - Insufficient data validation in Mojo
- CVE-2022-2856 - Insufficient validation of untrusted inputs
- CVE-2022-2294 - Heap buffer overflow in WebRTC
- CVE-2022-1364 - Type confusion in V8
- CVE-2022-1096 - Type confusion in V8
- CVE-2022-0609 - Use after free in animation
A heap overflow can give attackers the ability to overwrite function pointers within an application, redirecting them toward arbitrarily placed malicious code. The condition is the result of a write that runs past the end of a buffer allocated in the heap portion of a process's memory, corrupting whatever the allocator placed next to it.
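The defect class described above, shown as an added illustration that is not Chrome code and does not reproduce CVE-2022-4135: a hypothetical `heap_record` type whose data buffer is filled by an unchecked copy (the vulnerable pattern) beside a length-checked copy (the hardened form). The record type, both fill functions and the constructed inputs are assumptions made for this example; the point is that the only difference between the two is a comparison of the requested length against the allocation's capacity, and that the checked version rejects oversized input rather than letting it spill into neighbouring heap objects.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical heap-allocated record with a fixed-capacity data buffer.
 * Constructed for illustration; it is not Chrome's GPU code and does not
 * reproduce CVE-2022-4135, only the general defect class. */
typedef struct {
    size_t capacity;      /* number of bytes allocated for data */
    size_t length;        /* number of bytes currently in use */
    unsigned char *data;  /* heap allocation of exactly `capacity` bytes */
} heap_record;

heap_record *record_new(size_t capacity) {
    heap_record *r = calloc(1, sizeof *r);
    if (r == NULL) return NULL;
    r->data = calloc(capacity, 1);
    if (r->data == NULL) { free(r); return NULL; }
    r->capacity = capacity;
    return r;
}

void record_free(heap_record *r) {
    if (r == NULL) return;
    free(r->data);
    free(r);
}

/* Vulnerable pattern: the caller-supplied length is trusted, so when
 * len > capacity the memcpy writes past the end of the heap allocation.
 * Those bytes land in whatever the allocator placed next on the heap,
 * which may be another object's fields, including function pointers.
 * Shown for contrast only; never invoked with oversized input here. */
int record_fill_unchecked(heap_record *r, const unsigned char *src, size_t len) {
    memcpy(r->data, src, len);  /* no comparison against r->capacity */
    r->length = len;
    return 0;
}

/* Hardened form: refuse any write that does not fit the allocation.
 * Returns 0 on success, -1 when the input is rejected. */
int record_fill_checked(heap_record *r, const unsigned char *src, size_t len) {
    if (r == NULL || src == NULL) return -1;
    if (len > r->capacity) return -1;  /* would overflow: reject, do not silently truncate */
    memcpy(r->data, src, len);
    r->length = len;
    return 0;
}

/* Exercises both paths on a 16-byte record with constructed inputs.
 * Returns 1 when the oversized write is rejected, the record is left
 * untouched, and an in-bounds write still succeeds; 0 otherwise. */
int demo_bounds_check(void) {
    unsigned char big[64];    /* constructed: larger than the allocation */
    unsigned char small[8];   /* constructed: fits the allocation */
    heap_record *r = record_new(16);
    int ok = 1;
    if (r == NULL) return 0;
    memset(big, 'A', sizeof big);
    memset(small, 'B', sizeof small);

    /* 64 bytes into a 16-byte allocation must be refused. */
    if (record_fill_checked(r, big, sizeof big) != -1) ok = 0;
    if (r->length != 0 || r->data[0] != 0) ok = 0;

    /* 8 bytes fit and are copied normally. */
    if (record_fill_checked(r, small, sizeof small) != 0) ok = 0;
    if (r->length != 8 || r->data[7] != 'B' || r->data[8] != 0) ok = 0;

    /* The unchecked variant behaves identically while the input fits;
     * the defect only manifests for inputs larger than the allocation. */
    if (record_fill_unchecked(r, small, sizeof small) != 0) ok = 0;

    record_free(r);
    return ok;
}

int main(void) {
    printf("bounds check demo: %s\n", demo_bounds_check() ? "ok" : "FAILED");
    return 0;
}
```

In a real code base the checked form is the one that should be reachable from untrusted input, and building with a sanitizer such as AddressSanitizer during testing is the usual way to catch the unchecked pattern before it ships, since it aborts on the first out-of-bounds heap write instead of letting the corruption propagate.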
Google's decision not to immediately share the vulnerability's details is a standard practice intended to minimize its use and impact. By slowing awareness of the details, Google gives users more time to patch and update their browsers before the flaw can be leveraged. It also gives developers of widely used third-party libraries time to patch the vulnerability on their side, further limiting exploitability.
"Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven't yet fixed." - Prudhvikumar Bommana
Chrome users are advised to update their browsers as soon as possible and should monitor any other Chromium-based browsers for similar updates once released.