Google Chrome < 105.0.5195.52 Multiple Vulnerabilities

high Nessus Plugin ID 164509

Language:

Synopsis

A web browser installed on the remote macOS host is affected by multiple vulnerabilities.

Description

The version of Google Chrome installed on the remote macOS host is prior to 105.0.5195.52. It is, therefore, affected by multiple vulnerabilities as referenced in the 2022_08_stable-channel-update-for-desktop_30 advisory.

 - Use after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction. (CVE-2022-3058)

 - Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3038)

 - Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3039, CVE-2022-3041)

 - Use after free in Layout in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3040)

 - Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3042)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Google Chrome version 105.0.5195.52 or later.

See Also

http://www.nessus.org/u?613dc709

https://crbug.com/1340253

https://crbug.com/1343348

https://crbug.com/1341539

https://crbug.com/1345947

https://crbug.com/1338553

https://crbug.com/1336979

https://crbug.com/1051198

https://crbug.com/1339648

https://crbug.com/1346245

https://crbug.com/1342586

https://crbug.com/1303308

https://crbug.com/1316892

https://crbug.com/1337132

https://crbug.com/1345245

https://crbug.com/1346154

https://crbug.com/1267867

https://crbug.com/1290236

https://crbug.com/1351969

https://crbug.com/1329460

https://crbug.com/1336904

https://crbug.com/1337676

Plugin Details

Severity: High

ID: 164509

File Name: macosx_google_chrome_105_0_5195_52.nasl

Version: 1.9

Type: local

Agent: macosx

Published: 8/30/2022

Updated: 3/23/2023

Supported Sensors: Nessus Agent

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:POC/RL:OF/RC:C

CVSS Score Source: CVE-2022-3058

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: E:P/RL:O/RC:C

CVSS Score Source: CVE-2022-3071

Vulnerability Information

CPE: cpe:/a:google:chrome

Required KB Items: MacOSX/Google Chrome/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/30/2022

Vulnerability Publication Date: 8/30/2022

Reference Information

CVE: CVE-2022-3038, CVE-2022-3039, CVE-2022-3040, CVE-2022-3041, CVE-2022-3042, CVE-2022-3043, CVE-2022-3044, CVE-2022-3045, CVE-2022-3046, CVE-2022-3047, CVE-2022-3048, CVE-2022-3049, CVE-2022-3050, CVE-2022-3051, CVE-2022-3052, CVE-2022-3053, CVE-2022-3054, CVE-2022-3055, CVE-2022-3056, CVE-2022-3057, CVE-2022-3058, CVE-2022-3071

IAVA: 2022-A-0346-S