Summary: Google has released a critical security update for Chrome to address three vulnerabilities, including two critical heap buffer overflow flaws that could allow attackers to execute arbitrary code. These vulnerabilities affect the V8 JavaScript engine, GPU subsystem, and network stack, posing risks to billions of users globally. Users are strongly advised to update their browsers immediately to mitigate potential exploitation.
Affected: Google Chrome Browser
Keypoints :
- Three critical vulnerabilities patched in Chrome versions 133.0.6943.126/.127 for Windows/Mac and 133.0.6943.126 for Linux.
- CVE-2025-0999: High-severity heap buffer overflow in the V8 JavaScript engine allowing remote code execution (RCE).
- CVE-2025-1426: High-risk vulnerability in GPU subsystem that could enable attackers to escape the Chrome sandbox and execute native code.
- CVE-2025-1006: Medium-severity use-after-free flaw in the network stack potentially allowing arbitrary code execution via manipulated packets.
- Users urged to update Chrome immediately via Settings or enable automatic updates to protect against these vulnerabilities.
Source: https://gbhackers.com/chrome-buffer-overflow-flaws/
Views: 17
简体中文
Nederlands
Français
Bahasa Indonesia
日本語
Português