WebRTC Heap Buffer Overflow Vulnerability

Added Aug. 25, 2022 • Due Sept. 15, 2022 • CVE-2022-2294

Overdue WebRTC / WebRTC CWE-122

Description

WebRTC, an open-source project providing web browsers with real-time communication, contains a heap buffer overflow vulnerability that allows an attacker to perform shellcode execution. This vulnerability impacts web browsers using WebRTC including but not limited to Google Chrome.

Required Action

Apply updates per vendor instructions.

References

https://groups.google.com/g/discuss-webrtc/c/5KBtZx2gvcQ
https://nvd.nist.gov/vuln/detail/CVE-2022-2294

Additional Information

Catalog Version: 2025.01.24
Catalog Released: Jan. 24, 2025
Days Until Due: 0 days
Last Updated: 9 months, 4 weeks ago