Google Chrome V8 Out-of-Bounds Memory Access Vulnerability Allowing Heap Corruption

Vulnerability

A high-severity out-of-bounds memory access vulnerability has been identified in the V8 JavaScript engine of Google Chrome. It affects Chrome versions prior to 132.0.6834.110 and has been linked to improper handling of function arguments. A remote attacker can trigger it through a crafted HTML page, corrupting the heap of the renderer process that executes the page's script.

Impact

Exploitation corrupts the heap of the renderer process. Heap corruption of this kind is routinely turned into arbitrary code execution inside that process. Because Chrome runs renderers in a sandbox, full system compromise additionally requires a sandbox-escape vulnerability, but code execution in the renderer alone already gives the attacker everything that process can reach.

Reproduction

A proof of concept consists of a JavaScript function that manipulates argument length and chains Function.prototype.bind so that the number of bound arguments exceeds the limit the engine expects. Calling the resulting bound function triggers the out-of-bounds access and the heap corruption described above.
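
The following is an added illustration, not code from this advisory and not a trigger for the vulnerability: it shows the bookkeeping that V8 has to do for bound functions, which is the area the reproduction relies on. Each call to bind copies the existing bound arguments and appends the new ones, so the count grows with every layer, and the bound function's own length is derived from the target's length minus that count. The names (target, stackBoundArgs, describeBinding, canBindArgs) are this example's own. The engine limit probed by canBindArgs is engine-dependent and is only reported, not assumed.

```javascript
'use strict';

// A fixed-arity target (length 5) so the `length` arithmetic is visible.
// Array.from(arguments) captures every argument that actually arrived,
// including those beyond the declared arity.
function target(a, b, c, d, e) {
  return Array.from(arguments);
}

// Build a chain of `layers` bound functions on top of `fn`, each layer
// pre-binding `perLayer` arguments. Values encode their layer (layer i
// contributes i*10 + k) so the final argument order is observable.
function stackBoundArgs(fn, layers, perLayer) {
  let bound = fn;
  for (let i = 0; i < layers; i++) {
    const extra = Array.from({ length: perLayer }, (_, k) => i * 10 + k);
    // Binding an already-bound function concatenates the argument lists:
    // the earlier (inner) layer's arguments end up first.
    bound = bound.bind(null, ...extra);
  }
  return bound;
}

// What the engine must track for a bound function:
//   boundLength : the bound function's own `length`,
//                 max(0, target.length - number of bound args), clamped
//                 layer by layer
//   received    : the complete argument list the target finally sees,
//                 every layer's bound args followed by the call args
function describeBinding(layers, perLayer, callArgs) {
  const bound = stackBoundArgs(target, layers, perLayer);
  return {
    boundLength: bound.length,
    received: bound(...callArgs),
  };
}

// Probe whether this engine accepts `n` arguments in a single bind call.
// Engines cap the number of spread arguments and throw RangeError above it;
// the exact threshold is engine-specific, so only the outcome is returned.
function canBindArgs(n) {
  try {
    const bound = target.bind(null, ...new Array(n).fill(0));
    return { ok: true, boundLength: bound.length };
  } catch (err) {
    return { ok: false, error: err.name };
  }
}

// Example run: two layers of two bound args each, then one call argument.
// describeBinding(2, 2, [9]) -> { boundLength: 1, received: [0,1,10,11,9] }
console.log(describeBinding(2, 2, [9]));
console.log(canBindArgs(1000));
```

The order in `received` is the point to notice: the innermost bind's arguments come first, so a bound function's argument list is the concatenation of every layer's bound arguments, and its length counter has to be consistent with that concatenated array on every layer.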

Remediation

Update Google Chrome to version 132.0.6834.110 or later, the release that contains the fix. Verify the running build at chrome://version rather than assuming an automatic update has taken effect: a browser that has downloaded the update but has not been relaunched is still executing the old V8. Other Chromium-based browsers carry their own version numbers, so consult the respective vendor's advisory for the build that incorporates the fix.
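
An added example, not part of this advisory, of the check a fleet owner would run against an inventory export: it compares reported Chrome versions numerically, component by component, against the fixed version named above and lists hosts still on an affected build. The inventory lines are constructed sample data and the hostnames are fictitious; the function names (parseChromeVersion, compareVersions, isAffected, findAffectedHosts) are this example's own.

```javascript
'use strict';

// First Chrome release that contains the fix, per the advisory above.
const FIXED_VERSION = '132.0.6834.110';

// Chrome versions are four dot-separated integers: MAJOR.MINOR.BUILD.PATCH.
function parseChromeVersion(text) {
  const m = /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/.exec(String(text).trim());
  if (!m) throw new TypeError(`not a Chrome version string: ${text}`);
  return m.slice(1).map(Number);
}

// Numeric, component-wise comparison. A plain string comparison would rank
// "132.0.6834.9" above "132.0.6834.110" and miss an affected host.
function compareVersions(a, b) {
  const pa = parseChromeVersion(a);
  const pb = parseChromeVersion(b);
  for (let i = 0; i < 4; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// Affected means strictly older than the fixed release.
function isAffected(version) {
  return compareVersions(version, FIXED_VERSION) < 0;
}

// Scan "hostname,version" lines and report hosts still on an affected build.
// Lines without a parseable version are reported separately rather than
// being silently treated as patched.
function findAffectedHosts(inventoryText) {
  const affected = [];
  const unparseable = [];
  for (const line of inventoryText.split('\n')) {
    if (!line.trim()) continue;
    const [host, version] = line.split(',').map((s) => s.trim());
    try {
      if (isAffected(version)) affected.push({ host, version });
    } catch (err) {
      unparseable.push({ host, raw: version });
    }
  }
  return { affected, unparseable };
}

// Constructed sample inventory; hostnames are fictitious.
const SAMPLE_INVENTORY = `
ws-01,132.0.6834.83
ws-02,132.0.6834.110
ws-03,131.0.6778.265
ws-04,133.0.6943.53
ws-05,unknown
`;

// ws-01 and ws-03 are affected; ws-05 has no parseable version.
console.log(JSON.stringify(findAffectedHosts(SAMPLE_INVENTORY), null, 2));
```

The version string should come from the browser itself (chrome://version or the installed binary's metadata), not from a User-Agent header, which Chrome reduces and which does not reliably carry the full build and patch numbers.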

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread          9.0
impact          2.5
exploitability  5.8
remediation     7.7
relevance       0.0
threat          6.4
urgency         2.9
incentive       0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.