CVE-2022-0302: 
vulnerability analysis and mitigation

CVE-2022-0302 is a high-severity vulnerability discovered in Google Chrome's Omnibox feature. The vulnerability was identified as a 'Use after free' issue affecting versions prior to 97.0.4692.99. The flaw was discovered and reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on December 10, 2021, and was publicly disclosed on January 19, 2022 (Chrome Release).

The vulnerability is classified as a 'Use after free' bug specifically affecting the Omnibox component in Google Chrome. This type of vulnerability occurs when a program continues to use a pointer after it has been freed, which can lead to heap corruption. The issue could be triggered when a user engages in specific interactions with a crafted HTML page (CVE Mitre).

If successfully exploited, this vulnerability could allow an attacker to potentially exploit heap corruption through a specially crafted HTML page, but only after convincing a user to engage in specific interactions. The vulnerability was rated as High severity, indicating its significant potential impact on system security (Chrome Release).

Google addressed this vulnerability in Chrome version 97.0.4692.99 for Windows, Mac, and Linux platforms. Users are advised to update their Chrome browsers to this version or later to protect against this security issue. The fix was included as part of a larger security update that addressed multiple vulnerabilities (Chrome Release).