The Indian Computer Emergency Response Team (CERT-In) has warned users of multiple vulnerabilities in Google Chrome for desktop that can let hackers gain access to their computers.
According to CERT-In, the multiple vulnerabilities could allow a remote attacker to execute arbitrary code and security restriction bypass on the targeted system. These vulnerabilities exist in Google Chrome due to use after free in FedCM, SwiftShader, ANGLE, Blink, Sign-in Flow, Chrome OS Shell, heap buffer overflow in downloads, insufficient validation of untrusted input in intents, insufficient policy enforcement in cookies, and inappropriate implementation in extensions application programming interface (API).
In an advisory, CERT-In warned that a remote attacker could exploit these vulnerabilities by sending a specially crafted request on the targeted system. It noted that the vulnerability (CVE-2022-2856) is being exploited in the wild and advised users to apply patches urgently.
