Benoît Sevens

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 137.0.7151.68 Microsoft Edge versions prior to 137.0.7151.68 Opera versions prior to 119.0.5497.70 Opera GX versions prior to 119.0.5497.68 Chromium versions prior to 137.0.7151.68 **Description** Google Chrome, Microsoft Edge, Opera, and Opera GX are affected by a high-severity zero-day vulnerability (CVE-2025-5419) in the V8 JavaScript engine. This vulnerability is an out-of-bounds read and write flaw that allows a remote attacker to potentially execute arbitrary code, leading to heap corruption via a crafted HTML page. The vulnerability is actively exploited in the wild. Attackers can exploit this flaw by luring victims to malicious websites. The vulnerability affects the V8 JavaScript and WebAssembly engine. **Recommendations** Google Chrome versions prior to 137.0.7151.68: Update to version 137.0.7151.68 or later. Microsoft Edge versions prior to 137.0.7151.68: Update to version 137.0.7151.68 or later. Opera versions prior to 119.0.5497.70: Update to version 119.0.5497.70 or later. Opera GX versions prior to 119.0.5497.68: Update to version 119.0.5497.68 or later. Chromium versions prior to 137.0.7151.68: Update to version 137.0.7151.68 or later.

Name of the Vulnerable Software and Affected Versions: Windows Subsystem for Linux (affected versions not specified) Description: The issue is related to an untrusted pointer dereference, which allows an unauthorized attacker to execute code locally. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue concerns a potential out-of-bounds access in the Linux kernel's ALSA: usb-audio component, specifically affecting Extigy and Mbox devices. A malicious device can provide a `bNumConfigurations` value that exceeds the initial allocation for `dev->config`, leading to out-of-bounds accesses later, for example, in `usb destroy configuration`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Safari versions prior to 18.1.1 iOS versions prior to 17.7.2 and 18.1.1 iPadOS versions prior to 17.7.2 and 18.1.1 macOS Sequoia versions prior to 15.1.1 visionOS versions prior to 2.1.1 **Description** The issue was addressed with improved checks. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems. **Recommendations** For Safari versions prior to 18.1.1, update to Safari 18.1.1. For iOS versions prior to 17.7.2 and 18.1.1, update to iOS 17.7.2 or 18.1.1. For iPadOS versions prior to 17.7.2 and 18.1.1, update to iPadOS 17.7.2 or 18.1.1. For macOS Sequoia versions prior to 15.1.1, update to macOS Sequoia 15.1.1. For visionOS versions prior to 2.1.1, update to visionOS 2.1.1.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The vulnerability is related to out-of-bounds reads in the Linux kernel's USB Audio driver. The current USB-audio driver code does not check the bLength of each descriptor when traversing for clock descriptors, which can lead to out-of-bounds reads if a device provides a bogus descriptor with a shorter bLength. This issue can be exploited by an attacker with physical access to the system, allowing them to gain additional access by reading arbitrary system memory. The vulnerability can also lead to local information disclosure with no additional execution privileges needed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Safari versions prior to 18.1.1 iOS versions prior to 17.7.2 and 18.1.1 iPadOS versions prior to 17.7.2 and 18.1.1 macOS Sequoia versions prior to 15.1.1 visionOS versions prior to 2.1.1 **Description** The issue is related to a cookie management problem that has been addressed with improved state management. Processing maliciously crafted web content may lead to a cross-site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems. **Recommendations** For Safari versions prior to 18.1.1, update to Safari 18.1.1 or later. For iOS versions prior to 17.7.2 and 18.1.1, update to iOS 17.7.2 or iOS 18.1.1 or later. For iPadOS versions prior to 17.7.2 and 18.1.1, update to iPadOS 17.7.2 or iPadOS 18.1.1 or later. For macOS Sequoia versions prior to 15.1.1, update to macOS Sequoia 15.1.1 or later. For visionOS versions prior to 2.1.1, update to visionOS 2.1.1 or later. As a temporary workaround, consider restricting access to malicious web content to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Linux Kernel (affected versions not specified) **Description** The issue is related to a possible leak of kernel memory contents to a USB HID due to uninitialized data in the Linux kernel. This could lead to physical information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. The vulnerability has been resolved by zero-initializing the report buffer in the Linux kernel. It is also mentioned that this vulnerability was actively exploited, including by Serbian authorities to unlock confiscated devices via an exploit chain developed by Cellebrite. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 119.0.6045.199 **Description** The issue is related to an integer overflow in the Skia graphics library of Google Chrome, allowing a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a malicious file. The severity of this issue is high. It has been reported that an exploit for this issue exists in the wild and has been actively exploited by hackers. Google has released an emergency security update to address this zero-day vulnerability. **Recommendations** For Google Chrome versions prior to 119.0.6045.199, update to version 119.0.6045.199 or later to fix the integer overflow vulnerability in the Skia graphics library. As a temporary workaround, consider restricting access to potentially malicious files until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows (affected versions not specified) **Description** The issue is related to a security feature bypass vulnerability in Microsoft Windows SmartScreen. This vulnerability can be exploited by an attacker to bypass security restrictions by loading specially crafted malicious files. The vulnerability is associated with errors in security settings. There have been real-world incidents where this issue was exploited, including its use by Magniber ransomware actors. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows versions prior to 10.0.10240.19567 Microsoft Windows 10 1507 versions prior to 10.0.10240.19567 Microsoft Windows 10 1607 versions prior to 10.0.14393.5501 Microsoft Windows 10 1809 versions prior to 10.0.17763.3650 Microsoft Windows 10 20h2 versions prior to 10.0.19042.2251 Microsoft Windows 10 21h1 versions prior to 10.0.19043.2251 **Description** The issue is related to a remote code execution vulnerability in the Windows Scripting Languages. It allows remote attackers to execute arbitrary code and affect the system. The vulnerability was exploited by North Korean hackers, known as APT37, in targeted attacks on South Korean neighbors. The attack was implemented by embedding malicious software in documents referencing a recent mass incident in Itaewon, Seoul. The vulnerability was used to deliver malicious software or execute arbitrary code when displaying a website controlled by an attacker. The estimated number of potentially affected devices is not specified. **Recommendations** For Microsoft Windows versions prior to 10.0.10240.19567, update to a version newer than 10.0.10240.19567. For Microsoft Windows 10 1507 versions prior to 10.0.10240.19567, update to a version newer than 10.0.10240.19567. For Microsoft Windows 10 1607 versions prior to 10.0.14393.5501, update to a version newer than 10.0.14393.5501. For Microsoft Windows 10 1809 versions prior to 10.0.17763.3650, update to a version newer than 10.0.17763.3650. For Microsoft Windows 10 20h2 versions prior to 10.0.19042.2251, update to a version newer than 10.0.19042.2251. For Microsoft Windows 10 21h1 versions prior to 10.0.19043.2251, update to a version newer than 10.0.19043.2251.