PT-2026-42243 · Google · Google Chrome
Published
2026-05-20
·
Updated
2026-05-22
·
CVE-2026-9123
CVSS v3.1
7.5
High
| Vector | AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Google Chrome on Android versions prior to 148.0.7778.179
Google Chrome on Linux versions prior to 148.0.7778.179
Google Chrome on ChromeOS versions prior to 148.0.7778.179
Description
A heap buffer overflow in the Chromecast component allows a local attacker to execute arbitrary code within a sandbox by sending malicious network traffic. A heap buffer overflow occurs when a program writes more data to a heap-allocated memory block than it can hold, potentially overwriting adjacent memory.
Recommendations
Update Google Chrome on Android to version 148.0.7778.179 or later.
Update Google Chrome on Linux to version 148.0.7778.179 or later.
Update Google Chrome on ChromeOS to version 148.0.7778.179 or later.
Fix
Heap Based Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Google Chrome