all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Chrome LinkToTextMenuObserver::CompleteWithError Heap Use-After-Free

Add to bookmarks
Sept. 16, 2022, 1:40 p.m. |

Packet Storm packetstormsecurity.com

A use-after-free issue exists in Chrome 104 and earlier versions. Processing maliciously crafted web content may lead to arbitrary code execution in the browser process. LinkToTextMenuObserver holds a raw pointer to a RenderFrameHost object, but is not owned by the frame host and does not watch for frame host destruction events. Therefore, if an attacker manages to destroy the frame host right after the observer is created but before the timeout task posted in StartLinkGenerationRequestWithTimeout() is executed, use-after-free will occur.

chrome free use-after-free

Visit resource

More from packetstormsecurity.com / Packet Storm

Apache Solr Backup/Restore API Remote Code Execution 22 hours ago | packetstormsecurity.com
11.2 apache apache solr api +17
Ubuntu Security Notice USN-6748-1 23 hours ago | packetstormsecurity.com
attack attacker cross-site issue +9
Ubuntu Security Notice USN-6747-1 23 hours ago | packetstormsecurity.com
arbitrary code attacker code denial of service +16
Ubuntu Security Notice USN-6742-2 23 hours ago | packetstormsecurity.com
attacker authentication bluetooth connections +11
Relate Learning And Teaching System SSTI / Remote Code Execution 23 hours ago | packetstormsecurity.com
batch code code execution exam +13
Nginx 1.25.5 Host Header Validation 23 hours ago | packetstormsecurity.com
bug header host malice +2
Red Hat Security Advisory 2024-2033-03 23 hours ago | packetstormsecurity.com
advisory enterprise libreswan linux +5
Red Hat Security Advisory 2024-2011-03 23 hours ago | packetstormsecurity.com
advisory buffer buffer overflow buffer overflow vulnerability +12
Red Hat Security Advisory 2024-2010-03 23 hours ago | packetstormsecurity.com
advisory components crlf injection denial of service +19

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cloud Technical Solutions Engineer, Security

@ Google | Mexico City, CDMX, Mexico
View on infosec-jobs.com

Assoc Eng Equipment Engineering

@ GlobalFoundries | SGP - Woodlands
View on infosec-jobs.com

Staff Security Engineer, Cloud Infrastructure

@ Flexport | Bellevue, WA; San Francisco, CA
View on infosec-jobs.com

Software Engineer III, Google Cloud Security and Privacy

@ Google | Sunnyvale, CA, USA
View on infosec-jobs.com

Software Engineering Manager II, Infrastructure, Google Cloud Security and Privacy

@ Google | San Francisco, CA, USA; Sunnyvale, CA, USA
View on infosec-jobs.com
View more jobs