ISN 2022-21: Chromium Vulnerability

First published 15 September 2022

CVSS 3.1 High

CVSS:3.1 n/a

Summary

A vulnerability has been found in the Chromium web browser used in IGEL OS. This affects the following IGEL products:

• IGEL OS 11

Details

A vulnerability has been found in the Mojo library collection used in Chromium (CVE-2022-3075). It is rated high and is caused by insufficient data validation. Google is aware of reports that an exploit for this issue exists in the wild.

Update Instructions

• IGEL OS 11: Update to IGEL OS version 11.08.200 (release planned for mid-October)

References

• Chrome Team – Stable Channel Update for Desktop: https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html