Google Chrome Browser (125.0.6422.141/.142) Security Update Advisory

Overview

 

Google has released an update to address a vulnerability in the Chrome(https://www.google.com/chrome) browser. Users of affected versions are advised to update to the latest version.

 

Affected Products

 

Chrome prior to version 125.0.6422.141 (Linux)

Chrome prior to version 125.0.6422.141/.142 (Windows)

 

Resolved Vulnerabilities

 

High-level memory free-and-reuse (UAF) vulnerability in the Dawn function (CVE-2024-5494 and 1 other) [1]

High-level out-of-bounds memory access vulnerability in the Keyboard inputs function (CVE-2024-5497) [1]

High-level memory free and reuse (UAF) vulnerability in the Media session function (CVE-2024-5496) [1]

High-level memory free and reuse (UAF) vulnerability in the Presentation api function (CVE-2024-5498) [1]

High-level out-of-bounds write vulnerability in Streams api functionality (CVE-2024-5499) [1]

High Level Heap Buffer Overflow Vulnerability in Webrtc Functionality (CVE-2024-5493) [1]

 

Vulnerability Patches

 

The following vulnerability patches were made available in the 05/30/2024 update. For more information on vulnerability patches, please refer to the “Google Chrome” Referenced Sites document.

Chrome 125.0.6422.141/.142 and later (Windows)

Chrome 125.0.6422.141 and later (Linux)

 

Referenced Sites

 

[1] Stable Channel Update for Desktop

https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html

[2] Chrome Update

https://support.google.com/chrome/answer/95414?co=GENIE.Platform%3DDesktop