CVE-2024-9954

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 130.0.6723.58 Microsoft Edge (affected versions not specified)

Description The issue is related to a use-after-free vulnerability in the Artificial Intelligence (AI) technology of Google Chrome and Microsoft Edge browsers. This vulnerability can be exploited by a remote attacker via a crafted HTML page, potentially allowing them to impact the confidentiality, integrity, and availability of protected information. The vulnerability is associated with heap corruption.

Recommendations For Google Chrome versions prior to 130.0.6723.58, update to version 130.0.6723.58 or later. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to AI-related features in Microsoft Edge until a patch is available.