Out of bounds read in Blink>InterestGroups
Summary
Out of bounds read and write in Blink>InterestGroups in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) An out of bounds read flaw was found in the Blink>InterestGroups component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=523677844 Red Hat Product Security rates the severity of this flaw as determined by the Google Chrome Security Advisory. Red Hat severity: Critical — CVSS 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). Weakness: CWE-125. No fixing RHSA erratum has published yet; monitor the Red Hat CVE page and patch when it ships.
Mitigation checklist
- Red Hat rates this critical; a fix erratum may not be out yet — apply the RHSA as soon as it publishes.
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.