CVE-2022-0973 – This is a use-after-free vulnerability in Googl... (How to Fix)

Q: What is the severity of CVE-2022-0973?

CVE-2022-0973 has a CVSS score of 9.6 (CRITICAL). This is a use-after-free vulnerability in Google Chrome's Safe Browsing feature that allows remote attackers to potentially exploit heap corruption. Attackers can craft malicious HTML pages to trigger this vulnerability, potentially leading to arbitrary code execution. All users running vulnerable versions of Google Chrome are affected.

📋 TL;DR

This is a use-after-free vulnerability in Google Chrome's Safe Browsing feature that allows remote attackers to potentially exploit heap corruption. Attackers can craft malicious HTML pages to trigger this vulnerability, potentially leading to arbitrary code execution. All users running vulnerable versions of Google Chrome are affected.

💻 Affected Systems

Products:

Google Chrome

Versions: All versions prior to 99.0.4844.74

Operating Systems: Windows, macOS, Linux, Chrome OS, Android

Default Config Vulnerable: ⚠️ Yes

Notes: All Chrome installations with Safe Browsing enabled (default) are vulnerable. Chromium-based browsers may also be affected.

📦 What is this software?

Chrome by Google

Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...

Learn more about Chrome →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with the privileges of the Chrome process, potentially leading to full system compromise, data theft, or ransomware deployment.

🟠

Likely Case

Browser crash (denial of service) or limited code execution within the browser sandbox, potentially enabling further exploitation.

🟢

If Mitigated

No impact if Chrome is fully patched or if exploit attempts are blocked by security controls.

🌐 Internet-Facing: HIGH - Attackers can host malicious HTML pages on websites accessible via the internet.

🏢 Internal Only: MEDIUM - Risk exists if users visit malicious internal web pages or if attackers gain internal network access.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires user interaction (visiting a malicious page). The vulnerability is in Safe Browsing, which is designed to protect users from malicious sites.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 99.0.4844.74 and later

Vendor Advisory: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html

Restart Required: Yes

Instructions:

1. Open Chrome. 2. Click the three-dot menu → Help → About Google Chrome. 3. Chrome will automatically check for and install updates. 4. Click 'Relaunch' to restart Chrome with the update.

🔧 Temporary Workarounds

Disable Safe Browsing

all

Temporarily disable Safe Browsing feature (not recommended as it reduces security).

chrome://settings/security → Disable 'Safe Browsing'

Use Chrome Enterprise policies

all

Configure Chrome via Group Policy or MDM to restrict browsing to trusted sites only.

Configure 'URLBlocklist' and 'URLAllowlist' policies

🧯 If You Can't Patch

Restrict web browsing to essential, trusted websites only.
Deploy web filtering/proxy solutions to block access to potentially malicious sites.

🔍 How to Verify

Check if Vulnerable:

Check Chrome version: if below 99.0.4844.74, the system is vulnerable.

Check Version:

chrome://version/ or 'google-chrome --version' (Linux/macOS)

Verify Fix Applied:

Confirm Chrome version is 99.0.4844.74 or higher after update.

📡 Detection & Monitoring

Log Indicators:

Chrome crash reports
Unexpected process termination events in system logs

Network Indicators:

Requests to known malicious domains hosting exploit code

SIEM Query:

source="chrome" AND (event_type="crash" OR message="*SafeBrowsing*" AND severity="critical")

📊 Metadata

CVE ID: CVE-2022-0973

CVSS v3 Score: 9.6 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CWE: CWE-416

Published: July 21, 2022

Last Updated: November 21, 2024

🔗 References

https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html Release Notes,Vendor Advisory
https://crbug.com/1297498 Exploit,Issue Tracking,Patch,Vendor Advisory
https://security.gentoo.org/glsa/202208-25 Third Party Advisory
https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html Release Notes,Vendor Advisory
https://crbug.com/1297498 Exploit,Issue Tracking,Patch,Vendor Advisory
https://security.gentoo.org/glsa/202208-25 Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-0973, you might also want to check these: