CVE-2026-11010

Google · Chrome on Android

A use-after-free vulnerability in the WebShare component of Google Chrome on Android allows for potential remote code execution.

Executive summary

Google Chrome on Android contains a high-severity use-after-free vulnerability in WebShare that could lead to arbitrary code execution if successfully exploited.

Vulnerability

This is a use-after-free vulnerability located within the WebShare component of the browser. The flaw occurs when the application continues to use a pointer to memory after that memory has been freed, a condition an attacker can manipulate to execute arbitrary code.

Business impact

A CVSS score of 8.3 places this vulnerability in the high-severity range. Successful exploitation could lead to unauthorized access to user data, browser crashes, or the execution of malicious code within the context of the browser, potentially compromising the integrity of the mobile device.

Remediation

Immediate Action: Update the Google Chrome browser on all Android devices to the latest version as provided by the Google Play Store or manufacturer updates.

Proactive Monitoring: Monitor for unexpected browser crashes or unusual performance behavior that may indicate an attempt to trigger the use-after-free condition.

Compensating Controls: Ensure that Play Protect is enabled on all Android devices and avoid navigating to untrusted or suspicious websites that may attempt to exploit browser-based vulnerabilities.

Exploitation status

Public Exploit Available: False

Analyst recommendation

Browser-based vulnerabilities are frequently targeted. It is essential to ensure that all mobile devices are running the most recent version of Chrome to mitigate the risk posed by this use-after-free flaw.