Zhenpeng Lin

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 145.0.7632.159 **Description** An object lifecycle issue in the DevTools component of Google Chrome allowed an attacker to potentially exploit heap corruption. This exploitation could occur if a user was convinced to install a malicious extension. The security severity is rated as High. **Recommendations** Update Google Chrome to version 145.0.7632.159 or later.

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.55 Description A use-after-free issue existed in the V8 component of Google Chrome before version 147.0.7727.55. An attacker could potentially exploit heap corruption by convincing a user to install a malicious extension. Recommendations Update Google Chrome to version 147.0.7727.55 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 146.0.7680.153 **Description** A type confusion issue exists in the V8 component of Google Chrome. This could allow a remote attacker to exploit heap corruption through a specially crafted HTML page. The Chromium security severity is rated as High. **Recommendations** Update Google Chrome to version 146.0.7680.153 or later.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to an error in resource management in the Linux kernel's route4 change function, which can be exploited to cause a denial of service or execute arbitrary code. The vulnerability is associated with a use-after-free problem in the cls route filter implementation. It allows a local privileged attacker to crash the system, potentially leading to a privilege escalation. The vulnerability can be exploited to elevate privileges by replacing non-privileged credentials with privileged ones. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.