CVE-2026-10891
Google · Chrome
A Use-After-Free vulnerability exists in the GFX component of Google Chrome on Linux, potentially allowing for arbitrary code execution.
Executive summary
A critical Use-After-Free vulnerability in Google Chrome’s GFX component on Linux poses a significant risk of remote code execution.
Vulnerability
This vulnerability involves memory corruption in the GFX (Graphics) subsystem due to a Use-After-Free error. An unauthenticated attacker can exploit this flaw through a specially crafted webpage to execute arbitrary code on the host system.
Business impact
The CVSS score of 8.8 reflects the high potential for an attacker to gain control over the underlying operating system on Linux-based workstations. This could lead to a full breach of the affected device, resulting in data theft, unauthorized access to internal resources, and potential lateral movement within the network.
Remediation
Immediate Action: Update Google Chrome on all Linux hosts to version 149 or later without delay.
Proactive Monitoring: Audit Linux workstation logs for anomalous system calls or crashes originating from the Chrome browser process.
Compensating Controls: Utilize SELinux or AppArmor profiles to restrict the browser process's access to sensitive system files and resources, limiting the impact of a successful exploit.
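The remediation above hinges on one check: is the installed Chrome build at or above the patched major version, 149? The following POSIX shell helper, added here as an illustration and not taken from the advisory or from Google, parses the banner printed by google-chrome --version and classifies the host. It assumes the banner has the form "Google Chrome X.Y.Z.W"; the version strings in the comments are constructed samples, not real builds.

```shell
#!/bin/sh
# Added example: classify a Linux host against the patched Chrome major version
# named in the remediation section (149). Not part of the advisory.

MIN_MAJOR=149

# Extract the major version number from a "Google Chrome X.Y.Z.W" banner line.
# Prints nothing if no dotted version number is present (assumption: the
# banner format of `google-chrome --version`).
chrome_major_version() {
    printf '%s\n' "$1" | sed -n 's/^[^0-9]*\([0-9][0-9]*\)\..*/\1/p'
}

# True (exit 0) when the banner denotes a build older than MIN_MAJOR.
# An unparsable banner is treated as "not known to be old" so callers must
# handle the UNKNOWN case explicitly via classify_banner.
needs_update() {
    major=$(chrome_major_version "$1")
    [ -n "$major" ] && [ "$major" -lt "$MIN_MAJOR" ]
}

# Print VULNERABLE, PATCHED or UNKNOWN for a given banner line.
classify_banner() {
    major=$(chrome_major_version "$1")
    if [ -z "$major" ]; then
        echo UNKNOWN
    elif [ "$major" -lt "$MIN_MAJOR" ]; then
        echo VULNERABLE
    else
        echo PATCHED
    fi
}

# Live check on this host; reports UNKNOWN when the binary is not installed.
check_local_chrome() {
    if command -v google-chrome >/dev/null 2>&1; then
        classify_banner "$(google-chrome --version 2>/dev/null)"
    else
        echo UNKNOWN
    fi
}

# Usage: run the live check when executed directly, e.g. from a fleet
# inventory job, and feed the result into a ticket or dashboard.
# Constructed sample: 'Google Chrome 148.0.7000.12' -> VULNERABLE
# Constructed sample: 'Google Chrome 149.0.7100.1'  -> PATCHED
[ "${CHROME_CHECK_LIVE:-0}" = "1" ] && check_local_chrome
```

The UNKNOWN outcome is deliberate: a host where the banner cannot be parsed (no Chrome installed, a distribution build with a different banner) should be reviewed rather than silently counted as patched.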
Exploitation status
Public Exploit Available: false
Analyst recommendation
Given the prevalence of Chrome in Linux environments, users and administrators must prioritize this update. Applying the vendor patch for version 149 is essential to mitigate the risk of arbitrary code execution and maintain the security posture of Linux-based endpoints.