Google has issued updates to Chrome 97.0.4692.99 and 96.0.4664.174 (Extended Stable) that fix 26 vulnerabilities, including a critical vulnerability (CVE-2022-0289) that could bypass all browser security layers and execute code on a system outside of the sandbox -environment. Details have not yet been disclosed, it is only known that the critical vulnerability is related to accessing already freed memory (use-after-free) in the implementation of the Safe Browsing mode.
Other fixed vulnerabilities include problems with addressing already freed memory in the site isolation mechanism, Webpack technology and code related to processing Push notifications, the Omnibox address bar, printing, using the Vulkan API, editing input methods, working with bookmarks . Buffer overflow issues have been identified in web developer tools and the PDFium PDF viewer. Security-affecting implementation bugs have been fixed in the field autocomplete system, the Storage API, and the Fenced Frames API.
Source: opennet.ru