PT-2025-50966 · Google+4 · Google Chromium+6
Published
2025-12-10
·
Updated
2026-06-28
·
CVE-2025-14174
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Google Chrome versions prior to 143.0.7499.110
Google Chromium (affected versions not specified)
Microsoft Edge (affected versions not specified)
Opera (affected versions not specified)
Vivaldi versions prior to 144.0.7559.28
WebKitGTK (affected versions not specified)
Description
An out-of-bounds memory access flaw exists in the ANGLE graphics library, which translates OpenGL ES calls to Direct3D for Windows systems. This issue occurs due to improper validation of memory boundaries during rendering operations. A remote attacker can exploit this by enticing a user to visit a specially crafted HTML page, potentially leading to arbitrary code execution or a denial of service. This flaw affects all web browsers built on the Chromium open-source project and also impacts the WebKitGTK package. Out-of-bounds memory access is a type of buffer-related flaw where software attempts to read or write data outside the allocated buffer.
Recommendations
Update Google Chrome to version 143.0.7499.110 or later.
Update Vivaldi to version 144.0.7559.28 or later.
Update WebKitGTK packages to version 2.50.4-0ubuntu0.25.04.1.
Update Google Chromium, Microsoft Edge, and Opera to the latest available versions provided by the vendors.
Fix
RCE
DoS
Buffer Overflow
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Angle
Debian
Google Chrome
Google Chromium
Linuxmint
Apple Macos
Ubuntu