CVE-2022-3075 - OpenCVE

Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fedoraproject	Fedora
Google	Chrome

Configuration 1 [-]

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html
https://crbug.com/1358134
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/
https://security.gentoo.org/glsa/202209-23

History

No history.

MITRE

Status: PUBLISHED

Assigner: Chrome

Published: 2022-09-26T15:01:38

Updated: 2024-08-03T01:00:10.321Z

Reserved: 2022-09-01T00:00:00

Link: CVE-2022-3075

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-09-26T16:15:13.463

Modified: 2024-06-28T14:05:18.150

Link: CVE-2022-3075

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Chrome", "vendor": "Google", "versions": [{"lessThan": "105.0.5195.102", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page."}], "problemTypes": [{"descriptions": [{"description": "Insufficient data validation", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-10-03T01:06:50", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://crbug.com/1358134"}, {"tags": ["x_refsource_MISC"], "url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html"}, {"name": "GLSA-202209-23", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202209-23"}, {"name": "FEDORA-2022-3f28aa88cf", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "chrome-cve-admin@google.com", "ID": "CVE-2022-3075", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_affected": "<", "version_value": "105.0.5195.102"}]}}]}, "vendor_name": "Google"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Insufficient data validation"}]}]}, "references": {"reference_data": [{"name": "https://crbug.com/1358134", "refsource": "MISC", "url": "https://crbug.com/1358134"}, {"name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html", "refsource": "MISC", "url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html"}, {"name": "GLSA-202209-23", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202209-23"}, {"name": "FEDORA-2022-3f28aa88cf", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T01:00:10.321Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://crbug.com/1358134"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html"}, {"name": "GLSA-202209-23", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/202209-23"}, {"name": "FEDORA-2022-3f28aa88cf", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"}]}]}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2022-3075", "datePublished": "2022-09-26T15:01:38", "dateReserved": "2022-09-01T00:00:00", "dateUpdated": "2024-08-03T01:00:10.321Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"cisaActionDue": "2022-09-29", "cisaExploitAdd": "2022-09-08", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Google Chromium Mojo Insufficient Data Validation Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8FAA756-0C36-45DA-837D-E17F48AE3ED2", "versionEndExcluding": "105.0.5195.102", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page."}, {"lang": "es", "value": "Una comprobaci\u00f3n insuficiente de datos en Mojo en Google Chrome versiones anteriores a 105.0.5195.102, permit\u00eda a un atacante remoto que hubiera comprometido el proceso de renderizaci\u00f3n llevar a cabo un filtrado de sandbox por medio de una p\u00e1gina HTML dise\u00f1ada.\n"}], "id": "CVE-2022-3075", "lastModified": "2024-06-28T14:05:18.150", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-09-26T16:15:13.463", "references": [{"source": "chrome-cve-admin@google.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Permissions Required"], "url": "https://crbug.com/1358134"}, {"source": "chrome-cve-admin@google.com", "tags": ["Broken Link"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202209-23"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}