Author Archives: Giuliana Pritchard

Long Term Support Candidate Channel Update for ChromeOS

A new LTS Candidate, LTC- 102.0.5005.170 (Platform Version: 14695.115.0),  has been released  for most ChromeOS devices. Release notes for LTC-102 can be found here. Want to know more about Long-term Support? Click here

This update includes the following Security fixes:

1339844  High  CVE-2022-2480 Use after free in Service Worker API
1329987 High CVE-2022-2479 Insufficient validation of untrusted input in File
1341603 High CVE-2022-2481 Use after free in Views
1336266  High CVE-2022-2477 Use after free in Guest View


Giuliana Pritchard
Google Chrome OS

Long Term Support Channel Update for ChromeOS

LTS-96 has been updated in the LTS channel to 96.0.4664.215 (Platform Version: 14268.94.0) for most ChromeOS devices. Want to know more about Long-term Support? Click here


This update includes the following Security fixes:

1325298  High  CVE-2022-2010  Out of bounds read in compositing
1302959  Medium  CVE-2022-1488  Security: Extension permission escalation
1327241  Medium  CVE-2021-30560  CrOS: Vulnerability reported in dev-libs/libxslt
1324563  Medium  CVE-2022-29824  CrOS: Vulnerability reported in dev-libs/libxml2


Giuliana Pritchard

Google Chrome OS

Long Term Support Channel Update for ChromeOS

LTC-102 has been updated in the LTC (Long Term Support Candidate) channel to 102.0.5005.153 (Platform Version: 14695.114.0) for most ChromeOS devices. Want to know more about Long-term Support? Click here


This update includes the following Security fixes:

1335458  Critical  CVE-2022-2156   Use after free in Core
1341043  High  CVE-2022-2294  Heap buffer overflow in WebRTC
1327241   Medium CVE-2021-30560  CrOS: Vulnerability reported in dev-libs/libxslt
1324563  Medium  CVE-2022-29824  CrOS: Vulnerability reported in dev-libs/libxml2



Giuliana Pritchard

Google Chrome OS

Long Term Support Channel Update for ChromeOS

LTS-96 has been updated in the LTS channel to 96.0.4664.214 (Platform Version: 14268.89.0) for most ChromeOS devices. Want to know more about Long-term Support? Click here


This update includes the following Security fixes:

1324864  Critical CVE-2022-1853  Use after free in Indexed DB
1228661 High CVE-2022-1855  Use after free in Messaging
1316846  High CVE-2022-1861  Use after free in Sharing
1236325  Medium CVE-2022-1862 Inappropriate implementation in Extensions
1292264  Medium CVE-2022-1866  Use after free in Tablet Mode
1292870  Medium CVE-2022-1863  Use after free in Tab Groups
1289192 Medium CVE-2022-1865  Use after free in Bookmarks


Giuliana Pritchard

Google Chrome OS

Long Term Support Channel Update

The new LTS Candidate, LTC-102 102.0.5005.75, has been released to most devices (Platform Version: 14695.85.0) for most ChromeOS devices. If you have devices in the LTC channel, they will be updated to this version. The LTS channel remains on LTS-96 until September 1st. 


Release notes for LTC-102 can be found here. Want to know more about Long-term Support? Click here


Giuliana Pritchard 

Google Chrome OS

Long Term Support Channel Update for ChromeOS

LTS-96 has been updated in the LTS channel to 96.0.4664.209 (Platform Version: 14268.84.0) for most ChromeOS devices. Want to know more about Long-term Support? Click here



This update contains multiple Security fixes, including:

1316946 High  CVE-2022-1638 [v8] Integer overflow leading to OOB/CHECK in icu_71::FormattedStringBuilder::prepareForInsertHelper

1316990 High CVE-2022-1633 Security: Heap-use-after-free in ash::sharesheet::SharesheetBubbleView::CloseWidgetWithReason

1322744 High CVE-2022-1859 Security: UAF in DiscardsGraphDumpImpl

1297283 High CVE-2022-1636 Security: use after free in JS self-profiling API

1278608 High CVE-2021-43527 Security: CA certificate import exploitable with large DSA and RSA-PSS signatures on Linux/ChromeOS

1304660 High CVE-2022-23308 CrOS: Vulnerability reported in dev-libs/libxml2

1278608 High CVE-2021-43527 Security: CA certificate import exploitable with large DSA and RSA-PSS signatures on Linux/ChromeOS

1304660 High CVE-2022-23308 CrOS: Vulnerability reported in dev-libs/libxml2

1278608 High CVE-2021-43527 Security: CA certificate import exploitable with large DSA and RSA-PSS signatures on Linux/ChromeOS

1315563 Medium CVE-2022-1867 Security: navigator.clipboard.read() can lead to mutation XSS

1300561 Medium CVE-2022-1489 Security: container-overflow in ash::ScrollableShelfView::ShouldCountActivatedInkDrop



Giuliana Pritchard

Google Chrome OS

Long Term Support Channel Update

LTS-96 has been updated in the LTS channel to 96.0.4664.208 (Platform Version: 14268.83.0) for most ChromeOS devices. Want to know more about Long-term Support? Click here



This update contains multiple Security fixes, including:

1278608 High  CVE-2021-43527 Security: CA certificate import exploitable with large DSA and RSA-PSS signatures on Linux/ChromeOS

1304660 High  CVE-2022-23308 CrOS: Vulnerability reported in dev-libs/libxml2

1278608 High CVE-2021-43527 Security: CA certificate import exploitable with large DSA and RSA-PSS signatures on Linux/ChromeOS

1304660 High CVE-2022-23308 CrOS: Vulnerability reported in dev-libs/libxml2

1278608 High CVE-2021-43527 Security: CA certificate import exploitable with large DSA and RSA-PSS signatures on Linux/ChromeOS



Giuliana Pritchard

Google Chrome OS

Long Term Support Channel Update

LTS-96 has been updated in the LTS channel to 96.0.4664.207 (Platform Version: 14268.82.0) for most ChromeOS devices. Want to know more about Long-term Support? Click here



This update contains multiple Security fixes, including:

1311701  High  CVE-2022-1312 Security: UAF in DumpDatabaseHandler

1283050  High  CVE-2022-1308 Heap-use-after-free in RenderViewHostImpl::ActivatePrerenderedPage

1310717  High  CVE-2022-1311 Use-after-Free on crostini::CrostiniExportImport::OpenFileDialog

1292261  High  CVE-2022-1125 Security: Heap-use-after-free in BrowserList::AddBrowser

1268541  Medium  CVE-2022-1139 Security: Another Cross-Origin Response Size Leak Via BackgroundFetch

1315901  High  CVE-2022-1364 Security: [day 0] JIT optimization issue



Giuliana Pritchard

Google Chrome OS

Long Term Support Channel Update

LTS-96 has been updated in the LTS channel to 96.0.4664.206 (Platform Version: 14268.81.0) for most ChromeOS devices. Want to know more about Long-term Support? Click here



This update contains multiple Security fixes, including:

1297404 High CVE-2022-1131 Security: heap-use-after-free in global_media_controls::MediaItemManagerImpl::HideItem

1303253 Medium CVE-2022-1141 use after free in SelectFileDialogExtension::ExtensionTerminated

1303613 Medium CVE-2022-1142 Security: HeapOverflow in ScanningHandler

1304545 Medium CVE-2022-1145 Security: Potential Use After Free in ManagedValueStoreCache::OnPolicyUpdated

1303615 Medium CVE-2022-1143 Security: HeapOverflow in CertificatesHandler

1304145 Medium CVE-2022-1144 Security: UAF in ScanningHandler


Giuliana Pritchard

Google Chrome OS

Long Term Support Channel Update

LTS-96 has been updated in the LTS channel to 96.0.4664.204 (Platform Version: 14268.79.0) for most ChromeOS devices. Want to know more about Long-term Support? Click here



This update includes the following Security fixes:

 1299225 High CVE-2022-0977 Security: Heap-use-after-free in QuickAnswersUiController::CloseQuickAnswersView

1291986  High CVE-2022-0974 Security heap-use-after-free ash/wm/splitview/split_view_divider.cc (chromeOS)

1301320 High CVE-2022-0972 Security: heap-use-after-free in extensions::ExtensionApiFrameIdMap::GetFrameId

Giuliana Pritchard 

Google Chrome OS