CVE-2026-12441

Google · Chrome

A use-after-free vulnerability exists in the File Input component of Google Chrome on Linux, potentially allowing for arbitrary code execution.

Executive summary

A high-severity use-after-free vulnerability in Google Chrome on Linux exposes users to potential remote code execution and system compromise.

Vulnerability

This vulnerability is a use-after-free flaw located within the File Input handler of the browser. An unauthenticated attacker could exploit this memory corruption issue by enticing a user to interact with a specially crafted web page.

Business impact

The vulnerability carries a CVSS score of 8.8, indicating a high level of risk to organizational endpoints. Successful exploitation could lead to full system compromise, unauthorized data access, and potential lateral movement within the network, significantly impacting business continuity and data integrity.

Remediation

Immediate Action: Update all installations of Google Chrome on Linux to version 149 or later.

Proactive Monitoring: Review system logs for unusual browser crashes or unexpected process behavior that may indicate exploitation attempts.

Compensating Controls: Ensure that endpoint protection and the browser's sandboxing features are fully enabled and up to date, so that the impact of any malicious code execution is contained.
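The two checks above (confirm the installed version is at or past the fixed release, and look for crash activity that could indicate exploitation attempts) can be scripted for a Linux fleet. The following is an added example and is not code from the advisory or from Google; it assumes the browser binary is named google-chrome, that its --version output follows the usual "Google Chrome MAJOR.MINOR.BUILD.PATCH" form, and that crashes surface in the kernel log in the standard "segfault at" / "general protection fault" form. The log lines embedded in SAMPLE_LOG are constructed for the demonstration, addresses included.

```shell
#!/bin/sh
# Added example (not part of the advisory): version compliance and crash-log
# triage helpers for CVE-2026-12441 on Linux hosts.

# Major version in which the advisory says the flaw is fixed.
FIXED_MAJOR=149

# Print the major version from a "--version" style string such as
# "Google Chrome 148.0.7200.55". Prints nothing if no version is found.
chrome_major_version() {
    printf '%s\n' "$1" | sed -n 's/.*[[:space:]]\([0-9][0-9]*\)\.[0-9][0-9]*\..*/\1/p'
}

# Succeed (exit 0) when the version string is below the fixed major version.
# An unparsable string is treated as "not known to need an update".
needs_update() {
    major=$(chrome_major_version "$1")
    [ -n "$major" ] && [ "$major" -lt "$FIXED_MAJOR" ]
}

# Count kernel crash records for chrome processes on stdin. Matches the
# "chrome[PID]: segfault at ..." and "traps: chrome[PID] general protection
# fault ..." forms that the Linux kernel emits (assumed format).
count_chrome_crashes() {
    grep -cE 'chrome[^[:space:]]*\[[0-9]+\]:? .*(segfault at|general protection fault)' || true
}

# Constructed sample journal/kernel lines; addresses and PIDs are made up.
SAMPLE_LOG='Mar 03 10:14:02 host kernel: chrome[24817]: segfault at 28 ip 000055d0c8a1e2f0 sp 00007ffd3c1c9a10 error 4 in chrome[55d0c5a00000+8c00000]
Mar 03 10:14:09 host systemd[1]: Started Session 12 of user alice.
Mar 03 10:15:41 host kernel: traps: chrome[24901] general protection fault ip:55d0c8a1e2f0 sp:7ffd3c1c9a10 error:0 in chrome[55d0c5a00000+8c00000]
Mar 03 10:16:00 host sshd[1200]: Accepted publickey for alice from 10.0.0.5 port 51234'

# Demonstration on constructed input (prints 2).
printf 'chrome crash records in sample log: %s\n' \
    "$(printf '%s\n' "$SAMPLE_LOG" | count_chrome_crashes)"

# Live check on this host when Chrome is installed; a no-op otherwise.
if command -v google-chrome >/dev/null 2>&1; then
    installed=$(google-chrome --version 2>/dev/null || true)
    if needs_update "$installed"; then
        echo "ACTION: '$installed' is below major $FIXED_MAJOR; update required"
    else
        echo "OK: '$installed'"
    fi
fi
# For a live crash scan, feed the kernel journal through the counter, e.g.:
#   journalctl -k --since today | count_chrome_crashes
```

The crash counter is a triage aid, not a detection of exploitation: a browser crash has many benign causes, so a nonzero count on a host that is still below version 149 is a prompt to patch and investigate, not proof of compromise.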

Exploitation status

Public Exploit Available: false

Analyst recommendation

Given the high CVSS score and the critical nature of browser-based memory corruption flaws, organizations must prioritize this update. Deploy the vendor-provided patch across all Linux workstations immediately to neutralize the risk of remote exploitation.