PT-2025-44689 · Google · Google Chrome

Published: 2025-09-10 · Updated: 2025-12-16 · CVE-2025-12443

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Google Chrome versions prior to 142.0.7444.59
Chromium versions prior to 142.0.7444.59
Chromium versions 142.0.7444.59-1deb12u1 and 142.0.7444.59-1deb13u1
Chromium versions prior to 142.0.7444.162-alt0.p11.1

Description

An out-of-bounds read issue exists in the WebXR component of Google Chrome and Chromium-based browsers: data is read outside the bounds of a memory buffer. A remote attacker can trigger the out-of-bounds memory read through a specially crafted HTML page and could thereby gain unauthorized access to protected information. The issue affects over 4 billion devices worldwide.

Recommendations

Google Chrome versions prior to 142.0.7444.59: Update to version 142.0.7444.59 or later.
Chromium versions prior to 142.0.7444.59: Update to version 142.0.7444.59 or later.
Chromium versions 142.0.7444.59-1deb12u1 and 142.0.7444.59-1deb13u1: No further action is required.
Chromium versions prior to 142.0.7444.162-alt0.p11.1: Update to version 142.0.7444.162-alt0.p11.1 or later.

Fix

Weakness Enumeration

Out of bounds Read

Related Identifiers

ALT-PU-2025-14702
BDU:2025-14025
CVE-2025-12443
DSA-6046-1
OPENSUSE-SU-2025:15687-1

Affected Products

Alt Linux
Debian
Google Chrome
Red Os