CVE-2022-2608: 
Google Chrome vulnerability analysis and mitigation

A use-after-free vulnerability (CVE-2022-2608) was discovered in the Overview Mode feature of Google Chrome on Chrome OS prior to version 104.0.5112.79. The vulnerability was reported by Khalil Zhani on June 1, 2022, and was patched in the stable channel update released on August 2, 2022 (Chrome Release).

The vulnerability is classified as High severity with a CVSS v3.1 base score of 8.8 (HIGH). The CVSS vector string is CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating that the vulnerability can be exploited remotely with low attack complexity, requires no privileges but does need user interaction, and can result in high impacts to confidentiality, integrity, and availability (NVD).

If successfully exploited, this vulnerability could allow a remote attacker to potentially exploit heap corruption through specific UI interactions, leading to arbitrary code execution. The attacker would need to convince a user to engage in specific user interactions for the exploit to be successful (NVD).

The vulnerability was patched in Chrome version 104.0.5112.79. Users and administrators are advised to update to this version or later. Multiple Linux distributions have also released security updates to address this vulnerability, including Debian, Fedora, and Gentoo (Gentoo Advisory, Debian Tracker).