Google releases Chrome OS security updates with fixes for 5 High severity vulnerabilities

Google has released Long Term Support (LTS) 102 security update and Stable Channel update for Chrome OS devices to fix multiple High risk vulnerabilities.

An attacker could exploit these vulnerabilities to take control of impacted systems.

Google rolled out its Long Term Support Channel Update (LTS-102) for ChromeOS to 102.0.5005.194 (Platform Version: 14695.173.0) for most ChromeOS devices.

The LTS-102 update addressed the following High severity vulnerabilities:

1. CVE-2022-4437: Use after free in Mojo IPC
2. CVE-2022-4436: Use after free in Blink Media (High)
3. CVE-2022-42720: Linux kernel vulnerability advisory (High)
4. CVE-2022-41674: Linux kernel vulnerability advisory (High)
5. CVE-2022-42719: Linux kernel vulnerability advisory (High).

As noted in the advisory, there were no known active exploits in the wild for these vulnerabilities.

In addition, Google will be rolling out its Stable Channel Update in coming days to 108.0.5359.172 (Platform version: 15183.78.0) for ChromeOS / ChromeOS Flex. No CVEs were listed in the advisory.

Related Articles

• Google releases Long-term Support (LTS) update for Chrome OS 96 with fixes for multiple vulnerabilities
• Google releases Chrome 108 update with fixes for 4 High risk vulnerabilities
• Mozilla patches 2 Critical zero-day security flaws under attack in the wild