CVE-2022-3041: 
vulnerability analysis and mitigation

A Use-after-free vulnerability (CVE-2022-3041) was discovered in WebSQL component of Google Chrome versions prior to 105.0.5195.52. This vulnerability allowed remote attackers to potentially exploit heap corruption through a specially crafted HTML page (Chrome Release, CVE Mitre).

The vulnerability was identified as a Use-after-free (UAF) issue in the WebSQL component of Google Chrome. The bug was reported by Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute on July 20, 2022. Google assigned a High severity rating to this vulnerability and awarded a bounty of $7,500 for the discovery (Chrome Release).

The vulnerability could allow remote attackers to exploit heap corruption through specially crafted HTML pages, potentially leading to arbitrary code execution within the context of the browser (Debian Security).

The vulnerability was fixed in Google Chrome version 105.0.5195.52. Users and administrators are advised to upgrade to this version or later. Multiple Linux distributions including Debian, Ubuntu, and Fedora have also released security updates to address this vulnerability (Fedora Update, Gentoo Security).