image credit: pixabay
The most severe of these bugs is CVE-2022-2156, which is described as a critical-severity use-after-free issue in Base.
The security flaw was identified by Mark Brand of Google Project Zero. Per Google’s policy, no bug bounty reward will be handed out for this vulnerability.
Leading to arbitrary code execution, corruption of data, or denial of service, use-after-free flaws are triggered when a program frees memory allocation but does not clear the pointer after that.
Comments are closed.
