Multiple vulnerabilities in Google ChromeOS

Published: 2025-02-26

Risk	High
Patch available	YES
Number of vulnerabilities	3
CVE-ID	CVE-2024-46800 CVE-2024-49861 CVE-2025-0611
CWE-ID	CWE-416 CWE-908 CWE-119
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	Chrome OS Operating systems & Components / Operating system
Vendor	Google

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU97501

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46800

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the qdisc_enqueue() function in net/sched/sch_netem.c. A local user can escalate privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Chrome OS: before 126.0.6478.265

CPE2.3

cpe:2.3:o:google:chromeos:*:*:*:*:*:*:*:*

External links

http://chromereleases.googleblog.com/2025/02/long-term-support-channel-update-for_26.html

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use of uninitialized resource

EUVDB-ID: #VU99086

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49861

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the sizeof() function in net/core/filter.c, within the sizeof() function in kernel/trace/bpf_trace.c, within the arg_type_is_dynptr() function in kernel/bpf/verifier.c, within the sizeof() function in kernel/bpf/syscall.c, within the sizeof() function in kernel/bpf/helpers.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Chrome OS: before 126.0.6478.265

CPE2.3

External links

http://chromereleases.googleblog.com/2025/02/long-term-support-channel-update-for_26.html

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Buffer overflow

EUVDB-ID: #VU103243

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2025-0611

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a boundary error in V8 in Google Chrome. A remote attacker can trick the victim to visit a specially crafted webpage, trigger memory corruption and execute arbitrary code on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Chrome OS: before 126.0.6478.265

CPE2.3

External links

http://chromereleases.googleblog.com/2025/02/long-term-support-channel-update-for_26.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.