CVE-2022-1096 - Type Confusion in V8 IVM Coverage

Below is a query I’ve used to determine versions of Chrome that are < 99.0.4844.84. Since there is (currently) no definitions available for this within IVM, this seems to suffice for now.

SQL Report Below:

SELECT DISTINCT UPPER(da.host_name) AS host_name, da.ip_address as ip_address, dos.description as operating_system, ds.vendor, as software_name, STRING_AGG(ds.version, ', ’ Order by ds.version ASC) AS version, TO_CHAR(drt.scan_finished, ‘MON-DD-YYYY HH24:MI’) AS last_scan
FROM dim_asset da
JOIN dim_operating_system dos USING (operating_system_id)
JOIN dim_host_type dht USING (host_type_id)
JOIN fact_asset drt USING (asset_id)
JOIN dim_asset_software das on das.asset_id = da.asset_id
JOIN dim_software ds on ds.software_id = das.software_id
WHERE LIKE ‘Chrome’ and ds.version < ‘99.0.4844.84’
GROUP BY das.asset_id, da.host_name, da.ip_address, dos.description, ds.vendor,, ds.version, drt.scan_finished
ORDER BY UPPER (da.host_name)

I selected a dynamic asset filter based on “Last Scan Date within the last 7 days”. I couldn’t figure out how to do this in SQL, but this seemed to do the trick. What’s another dynamic asset group, right? Hope this helps!


Thanks for sharing this! This is also a good starting point if you’re looking to filter assets based on other particular software attributes.