This week, Google announced a Chrome update that fixes a total of 11 browser vulnerabilities, including six that were discovered by outside researchers. Five of these are problems with use-after-free, including four that are deemed to be of “high severity.”
These flaws could result in data corruption, a denial of service, or the execution of arbitrary code, but if they’re coupled with additional problems, they could jeopardize the entire system. Use-after-free flaws in Chrome can frequently be used to get out of the browser’s sandbox.
The most recent Chrome 103 update fixes four high-severity use-after-free vulnerabilities that have been tracked as CVE-2022-2477, CVE-2022-2478, CVE-2022-2480, and CVE-2022-2481 and have an effect on components like Guest View, PDF, Service Worker API, and Views.