CVE-2022-4924: Use after free in WebRTC
Published Nov 23, 2021
·Updated
Use after free in WebRTC in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Credit
Rong Jian(VRI)
Affected Software
2 affected componentsFixes available
Google Chrome<97.0.4692.71
97.0.4692.71
Google Chrome<97.0.4692.71
Event History
Nov 23, 2021
CVE Published
12:00 AM
Jul 28, 2023
CVE Published
via MITRE·11:26 PM
Data Sourced
via MITRE·11:26 PM
DescriptionWeakness
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2022-0096
- CVE-2022-0097
- CVE-2022-0098
- CVE-2022-0099
- CVE-2022-0100
- CVE-2022-0101
- CVE-2022-0337
- CVE-2022-0102
- CVE-2022-0103
- CVE-2022-0104
- CVE-2022-0105
- CVE-2022-0106
- CVE-2022-0107
- CVE-2022-0108
- CVE-2022-0109
- CVE-2022-0110
- CVE-2022-0111
- CVE-2022-0112
- CVE-2022-0113
- CVE-2022-0114
- CVE-2022-0115
- CVE-2022-0116
- CVE-2022-0117
- CVE-2022-0118
- CVE-2022-0120
- CVE-2022-4925
Frequently Asked Questions
1
What is the severity of CVE-2022-4924?
CVE-2022-4924 has a high severity rating due to the potential for a sandbox escape via a crafted HTML page.
2
How do I fix CVE-2022-4924?
To fix CVE-2022-4924, update Google Chrome to version 97.0.4692.71 or later.
3
What does the vulnerability CVE-2022-4924 affect?
CVE-2022-4924 affects the WebRTC component in Google Chrome prior to version 97.0.4692.71.
4
Can CVE-2022-4924 be exploited remotely?
Yes, CVE-2022-4924 can be exploited remotely by a compromised renderer process.
5
Is it necessary to update Chrome for CVE-2022-4924?
Yes, it is essential to update Chrome to mitigate the risks associated with CVE-2022-4924.