PT-2025-23562 · Google+4 · Google Chrome+4

Walkman

Published

2025-04-07

Updated

2025-08-28

CVE-2025-5068

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 137.0.7151.68

Description A use after free issue in Blink allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. The estimated number of potentially affected devices is not specified. There is no information about real-world incidents where this issue was exploited.

Recommendations For versions prior to 137.0.7151.68, update to version 137.0.7151.68 or later to resolve the issue. As a temporary workaround, consider restricting access to crafted HTML pages until a patch is available.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2025-8435

BDU:2025-06391

CVE-2025-5068

DSA-5935-1

MGASA-2025-0187

OPENSUSE-SU-2025:15210-1

Affected Products

Alt Linux

Astra Linux

Debian

Google Chrome

Red Os

PT-2025-23562 · Google+4 · Google Chrome+4

CVE-2025-5068

Weakness Enumeration

Related Identifiers

Affected Products

References · 53