Volerion logoVolerion
Volerion logoVolerion

Google Chrome Use-After-Free Vulnerability in Navigation Component

Vulnerability

A use-after-free vulnerability has been identified in the navigation component of Google Chrome. This issue affects versions prior to 133.0.6943.98 and has been classified as high severity. The vulnerability allows remote attackers to potentially exploit heap corruption by using a specially crafted Chrome extension.

Impact

Exploitation of this vulnerability leads to heap corruption, causing memory management issues that can be exploited to execute arbitrary code or cause a crash.

Reproduction

The vulnerability can be reproduced by loading a malicious Chrome extension that triggers the 'beforeunload' event in a webview guest. This can be done by crashing the guest's renderer process, which forces an early swap of the render frame host, creating a use-after-free condition when the 'beforeunload' event is processed.

Remediation

Users can update to Google Chrome version 133.0.6943.98 or later, where this vulnerability has been fixed.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread
8.4
impact
0.6
exploitability
5.8
remediation
7.7
relevance
0.0
threat
6.4
urgency
2.9
incentive
0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.