Author Archives: Giuliana Pritchard

Long Term Support Channel Update

LTS-96 has been updated in the LTS channel to 96.0.4664.208 (Platform Version: 14268.83.0) for most ChromeOS devices. Want to know more about Long-term Support? Click here



This update contains multiple Security fixes, including:

1278608 High  CVE-2021-43527 Security: CA certificate import exploitable with large DSA and RSA-PSS signatures on Linux/ChromeOS

1304660 High  CVE-2022-23308 CrOS: Vulnerability reported in dev-libs/libxml2

1278608 High CVE-2021-43527 Security: CA certificate import exploitable with large DSA and RSA-PSS signatures on Linux/ChromeOS

1304660 High CVE-2022-23308 CrOS: Vulnerability reported in dev-libs/libxml2

1278608 High CVE-2021-43527 Security: CA certificate import exploitable with large DSA and RSA-PSS signatures on Linux/ChromeOS



Giuliana Pritchard

Google Chrome OS

Long Term Support Channel Update

LTS-96 has been updated in the LTS channel to 96.0.4664.207 (Platform Version: 14268.82.0) for most ChromeOS devices. Want to know more about Long-term Support? Click here



This update contains multiple Security fixes, including:

1311701  High  CVE-2022-1312 Security: UAF in DumpDatabaseHandler

1283050  High  CVE-2022-1308 Heap-use-after-free in RenderViewHostImpl::ActivatePrerenderedPage

1310717  High  CVE-2022-1311 Use-after-Free on crostini::CrostiniExportImport::OpenFileDialog

1292261  High  CVE-2022-1125 Security: Heap-use-after-free in BrowserList::AddBrowser

1268541  Medium  CVE-2022-1139 Security: Another Cross-Origin Response Size Leak Via BackgroundFetch

1315901  High  CVE-2022-1364 Security: [day 0] JIT optimization issue



Giuliana Pritchard

Google Chrome OS

Long Term Support Channel Update

LTS-96 has been updated in the LTS channel to 96.0.4664.206 (Platform Version: 14268.81.0) for most ChromeOS devices. Want to know more about Long-term Support? Click here



This update contains multiple Security fixes, including:

1297404 High CVE-2022-1131 Security: heap-use-after-free in global_media_controls::MediaItemManagerImpl::HideItem

1303253 Medium CVE-2022-1141 use after free in SelectFileDialogExtension::ExtensionTerminated

1303613 Medium CVE-2022-1142 Security: HeapOverflow in ScanningHandler

1304545 Medium CVE-2022-1145 Security: Potential Use After Free in ManagedValueStoreCache::OnPolicyUpdated

1303615 Medium CVE-2022-1143 Security: HeapOverflow in CertificatesHandler

1304145 Medium CVE-2022-1144 Security: UAF in ScanningHandler


Giuliana Pritchard

Google Chrome OS

Long Term Support Channel Update

LTS-96 has been updated in the LTS channel to 96.0.4664.204 (Platform Version: 14268.79.0) for most ChromeOS devices. Want to know more about Long-term Support? Click here



This update includes the following Security fixes:

 1299225 High CVE-2022-0977 Security: Heap-use-after-free in QuickAnswersUiController::CloseQuickAnswersView

1291986  High CVE-2022-0974 Security heap-use-after-free ash/wm/splitview/split_view_divider.cc (chromeOS)

1301320 High CVE-2022-0972 Security: heap-use-after-free in extensions::ExtensionApiFrameIdMap::GetFrameId

Giuliana Pritchard 

Google Chrome OS

Long Term Support Channel Update

LTS-96 has been updated in the LTS channel to 96.0.4664.202 (Platform Version: 14268.77.0) for most ChromeOS devices. Want to know more about Long-term Support? Click here



This update includes the following Security fixes:

1295786  High  CVE-2022-0796 uaf in blink::MediaInspectorContextImpl::CullPlayers(blink::WebString const&)

1294097 High CVE-2022-0794 Security: Heap-use-after-free in NearbyShareAction::HandleKeyboardEvent

1281908 High CVE-2022-0797 Security: DeserializeFromMessage should validate the message header

1279531 Medium CVE-2022-0469 heap-use-after-free in media_router::CastMediaSinkService::StartMdnsDiscovery

1284584 High CVE-2022-0452 Security: UAF in safe_browsing::DownloadRequestMaker::Start

1276331 High CVE-2022-0301 Security: heap-buffer-overflow around blink::mojom::WidgetInputHandlerProxy::DispatchEvent

1267627 Medium CVE-2022-0114 Security: Web Serial - Out of bound read in SerialPortUnderlyingSink::WriteData().

1292271 Medium CVE-2022-0808 Security: heap-use-after-free on ash/wm/desks/desks_controller.cc (chromeOS)

1285449 Medium CVE-2022-0610 Security: inappropriate implementation of reportBadMessage in GamepadMonitor::GamepadStartPolling

1291728 High CVE-2022-0793 Security: heap-use-after-free in base::ObserverList::RemoveObserver

1286940 High CVE-2022-0605 Security: heap-use-after-free in ProfileImpl::IsSameOrParent

1296150 High CVE-2022-0609 Security: [0-day] Use-After-Free in UpdateAnimationTiming

1273397 High CVE-2022-0604 Security: Heap-buffer-overflow in tabgroup

 Giuliana Pritchard 

 Google Chrome OS

Long Term Support Channel Update

The LTS Candidate LTC-96 has been updated to 96.0.4664.194 (Platform Version: 14268.73.0) for most ChromeOS devices. Want to know more about Long-term Support? Click here


This update includes the following Security fixes: 

 CVE-2022-0099 High heap-use-after-free in OnBrowserSetLastActive 

 CVE-2022-0308 Medium Security: AddressSanitizer: heap-use-after-free on drag_drop_controller.cc (chromeOS and Lacros) 

 CVE-2022-0453 High Security: UAF in DistilledPagePrefs::SetFontScaling 

 CVE-2022-0456 High Security: heap-use-after-free in TemplateURLFetcher::RequestDelegate::OnTemplateURLParsed 

CVE-2022-0460 Medium SUMMARY: AddressSanitizer: heap-use-after-free web_view_impl.cc:1020 in blink::WebViewImpl::ClosePagePopup 

 CVE-2022-0465 Medium Heap-use-after-free in extensions::ChromeExtensionsBrowserClient::GetOriginalContext 

 CVE-2022-0603 High UAF in printing 

 CVE-2022-0608 High Security: Integer overflow in HandleTable::AddDispatchersFromTransit leading to memory corruption 


 Giuliana Pritchard 

 Google Chrome OS

Long Term Support Channel Update

The LTS Candidate LTC-96 has been updated to 96.0.4664.180 (Platform Version: 14268.670.0) for most ChromeOS devices. Want to know more about Long-term Support? Click here.

This update includes the following Security fixes:
CVE-2022-0096 CriticalSUMMARY: AddressSanitizer: heap-use-after-free base/bind_internal.h:535:12 in BindState
CVE-2022-0289 Critical Security: heap-use-after-free in safe_browsing::ThreatDetails::OnReceivedThreatDOMDetails
CVE-2022-0290 High Security: RenderFrameHostImpl logic error leading browser UAF
CVE-2022-0291 High Insufficient fix for CVE-2021-4057 (Site Isolation bypass in BlobRegistryImpl)
CVE-2022-0292 High Security: FencedFrames reachable from compromised renderer due to lacking features::isEnabled(kFencedFrames) checks in Browser Process and FencedFrame::Navigate can navigate to file:// and chrome:// origins
CVE-2022-0293 High Security: UAF in ChromeContentBrowserClient::CreateURLLoaderThrottles
CVE-2022-0294 High Security: Inappropriate implementation in PushMessaging
CVE-2022-0295 High Security: Heap-use-after-free in ui::MenuModel::GetModelAndIndexForCommandId
CVE-2022-0296 High UAF in PrintViewManagerBase
CVE-2022-0298 High AddressSanitizer: use-after-poison frame_or_worker_scheduler.cc:88 in blink::FrameOrWorkerScheduler::NotifyLifecycleObservers
CVE-2022-0300 High Security: UAF in DateTimeChooserAndroid::ReplaceDateTime
CVE-2022-0302 High Security: Heap-use-after-free in OmniboxViewViews::MaybeAddSendTabToSelfItem
CVE-2022-0304 High Security: UAF in BookmarkDragHelper::OnBookmarkIconLoaded
CVE-2022-0305 High Security: Inappropriate implementation in ServiceWorkerContainerHost::EnsureFileAccess
CVE-2022-0306 High Security: heap-buffer-overflow in chrome_pdf::PDFiumEngine::RequestThumbnail
CVE-2021-41990 Medium CrOS: Vulnerability reported in net-vpn/strongswan
CVE-2022-0109 Medium Security: scrollTop of ListBox autofill preview discloses sensitive information
CVE-2022-0307 Medium Heap-use-after-free in optimization_guide::OptimizationGuideStore::ClearFetchedHintsFromDatabase
CVE-2022-0309 Medium Security: Page can cause autofill prompt to render under cursor in order to bypass mouse movement/keyboard input requirements for autofill
CVE-2022-0310 Medium Heap-buffer-overflow in TableView::OnItemsRemoved
CVE-2022-0311 Medium Container-overflow in TableView::UpdateVirtualAccessibilityChildrenBounds


Giuliana Pritchard
Google Chrome OS