If after freeing a memory location, a program does not clear the pointer to that memory, an attacker can use the error to manipulate the program. Use after free (UAF) vulnerabilities occur because of the incorrect use of dynamic memory during a program’s operation. We discuss some of the CVE’s included in this update below.ĬVE-2022-2852: a critical use after free vulnerability in FedCM. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database.
One of the vulnerabilities is labeled as “Critical” and one of the vulnerabilities that is labeled as “High” exists in the wild. Extended stable channel has been updated to 1.101 for Mac and 1.102 for Windows, which will roll out over the coming days/weeks. Google updated the Stable channel for Chrome to 1.101 for Mac and Linux and 1.102/101 for Windows which will roll out over the coming days/weeks.
0 kommentar(er)
