A critical heap buffer overflow in Google Chrome’s Codecs component on Linux and ChromeOS platforms creates a significant risk of remote code execution and sandbox escape.

This vulnerability involves a heap buffer overflow within the Codecs component. An attacker could exploit this by enticing a user to view a specially crafted HTML page, potentially leading to a sandbox escape after the initial compromise of the renderer process.

The CVSS score of 8.3 reflects the high risk posed by this memory corruption vulnerability. If exploited, an attacker could gain elevated privileges or move laterally within the network by escaping the browser's security sandbox, resulting in potential data breaches or full system compromise.

Immediate Action: Update Google Chrome to version 149.0.7827.114 on all Linux and ChromeOS devices immediately.

Proactive Monitoring: Review web proxy and endpoint logs for access to suspicious or malicious web domains that may be hosting crafted content designed to trigger codec errors.

Compensating Controls: Utilize Web Application Firewalls (WAF) to filter malicious traffic and ensure all browser-based security extensions are active to mitigate potential drive-by download attempts.

Public Exploit Available: false

The severity of this issue necessitates an immediate patching cycle for all Chrome users on Linux and ChromeOS. Administrators should prioritize this update to prevent potential remote exploitation via malicious web content.