CVE-2022-1919: 
Google Chrome vulnerability analysis and mitigation

A Use-after-free vulnerability in Codecs component was discovered in Google Chrome versions prior to 101.0.4951.41. This vulnerability, tracked as CVE-2022-1919, was reported by Irvan Kurniawan (sourc7) on April 5, 2022, and allowed remote attackers to potentially exploit heap corruption through a crafted HTML page (Chrome Release, NVD).

The vulnerability is classified as a Use-after-free (UAF) issue in the Codecs component of Google Chrome. This type of vulnerability occurs when a program continues to use a pointer after it has been freed, which can lead to memory corruption. The vulnerability was assigned a High severity rating, and Google awarded a bounty of $7,500 for its discovery (Chrome Release).

The vulnerability could allow a remote attacker to potentially exploit heap corruption through a specially crafted HTML page. This could potentially lead to arbitrary code execution within the context of the browser (NVD).

Google addressed this vulnerability in Chrome version 101.0.4951.41. Users are advised to update to this version or later to mitigate the risk. The fix was also incorporated into other Chromium-based browsers in their subsequent releases (Chrome Release).