CVE-2025-12433

Name of the Vulnerable Software and Affected Versions Chromium versions prior to 142.0.7444.59 Chromium versions 142.0.7444.59-1deb12u1 through 142.0.7444.59-1deb13u1

Description An issue exists in the V8 JavaScript engine component of Google Chrome and Microsoft Edge browsers. This is due to an improper implementation in V8, specifically related to security checks for standard elements. Exploitation of this issue could allow a remote attacker to gain unauthorized access to protected information through out-of-bounds memory access via a specially crafted HTML page. The issue is related to an invalid hole-check removal in the Ignition interpreter.

Recommendations Upgrade Chromium to version 142.0.7444.59 or later. Upgrade Chromium to version 142.0.7444.59-1deb12u1 for the oldstable distribution (bookworm). Upgrade Chromium to version 142.0.7444.59-1deb13u1 for the stable distribution (trixie). Upgrade Chromium to version 142.0.7444.162-alt0.p11.1.