Chrome 108 Patches High-Severity Memory Safety Bugs


With patches for 28 vulnerabilities, including 22 that were disclosed by outside researchers, Google this week announced the stable channel release of Chrome 108. Eight of the security holes of high severity and 14 with medium.

According to the bug bounty payment, CVE-2022-4174, a type confusion flaw in the V8 JavaScript engine of the web browser, is the most serious of these flaws. Google claims it paid a $15,000 reward for the vulnerability’s disclosure and gave credit to security researcher Zhenghang Xiao.

Read More…