Google Chrome V8 Out-of-Bounds Read Vulnerability Allowing Memory Access

Vulnerability

A high-severity out-of-bounds read vulnerability has been identified in the V8 JavaScript engine used by Google Chrome. It affects Chrome versions prior to 134.0.6998.35 and allows a remote attacker to perform out-of-bounds memory access via a crafted HTML page.

Impact

Exploitation of this vulnerability leads to memory corruption, which can commonly be leveraged to execute arbitrary code in the context of the affected process.

Reproduction

The vulnerability can be reproduced using a component build of V8. After setting the denormal flushing flag, the crafted JavaScript payload triggers the out-of-bounds read, causing a debug check failure due to an invalid memory access index.

Remediation

Users should update to Google Chrome version 134.0.6998.35 or later, where this vulnerability has been fixed.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 2.5
exploitability: 5.8
remediation: 7.7
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.