AI description
CVE-2025-9478 is a use-after-free vulnerability found in the ANGLE component of Google Chrome. ANGLE translates OpenGL ES calls into native graphics API calls. The vulnerability affects Google Chrome versions prior to 139.0.7258.154 across Windows, Mac, and Linux platforms. The vulnerability can be triggered by a crafted HTML page, leading to heap corruption. By exploiting this vulnerability, an attacker could execute arbitrary code within the browser process, potentially compromising the user's browser session. Visiting a malicious website could trigger the exploit. Google has released security updates to address this vulnerability in Chrome version 139.0.7258.154/.155 for Windows and Mac, and 139.0.7258.154 for Linux.
- Description
- Use after free in ANGLE in Google Chrome prior to 139.0.7258.154 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
- Source
- chrome-cve-admin@google.com
- NVD status
- Analyzed
- Products
- chrome
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- chrome-cve-admin@google.com
- CWE-416
- Hype score
- Not currently trending
Una falla crítica en Chrome (CVE-2025-9478) permite ejecutar código remoto. Fue detectada por la IA Big Sleep de Google DeepMind. Google lanzó un parche urgente en la versión 139.0.7258.154/.155. 🔗 Más info: https://t.co/pilw0f1pK7
@trustlock_sec
4 Sept 2025
11 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
The "Critical" Chrome GPU bug (CVE-2025-9478) is suspicious. Background: Google Big Sleep recently patched a bunch of high/critical issues in privileged Chrome GPU (their new AI fuzzer). I looked at the code. All the issues require such an uncommon platform functionality, it's
@alisaesage
1 Sept 2025
14859 Impressions
25 Retweets
157 Likes
77 Bookmarks
5 Replies
1 Quote
Google’s AI tool Big Sleep detected a critical use-after-free flaw (CVE-2025-9478) in Chrome’s ANGLE graphics library. The patch boosts security on Windows, macOS, and Linux. No active exploits reported. #BigSleepAI #ChromeUpdate #USA https://t.co/1WebLWdp6i
@TweetThreatNews
29 Aug 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Vulnerabilidad en Google Chrome ❗CVE-2025-9478 ➡️Más info: https://t.co/ZGdyIwRPOS https://t.co/j919yC50Sb
@CERTpy
29 Aug 2025
97 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Chromium: CVE-2025-9478 Use after free in ANGLE https://t.co/fvF0qbWP5d #SecQube #cybersecurity
@SecQube
29 Aug 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 Attention all Chromium users! A critical vulnerability (CVE-2025-9478) has been patched—time to update Chrome 139+ and Edge before the web gremlins get you! Don’t let your browser be the weak link! #WindowsForum #SecurityUpdate #PatchItUp https://t.co/QABJguGd3i
@windowsforum
28 Aug 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-9478, a use-after-free in Angle. Angle. It’s Chrome’s graphics layer. Lets you write straight to the GPU. https://t.co/EgSlvNxlgL
@merajwardhan
28 Aug 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Aggiorna subito Google Chrome ⚠️L'ultimo aggiornamento risolve una vulnerabilità di sicurezza classificata come critica: CVE-2025-9478 Versione 139.0.7258.154/.155 per Windows, Mac e Linux https://t.co/rWEueC3z4g https://t.co/V54hMl4GAX
@techworldaleant
28 Aug 2025
120 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
به تازگی آسیب پذیری جدیدی با کد شناسایی CVE-2025-9478 برای یکی از Library های این مرورگر به نام ANGLE با کد شناسایی CVE-2025-9478 منتشر شده است که از نوع RCE می باشد . برای پیشگی
@AmirHossein_sec
28 Aug 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[437825940] Critical CVE-2025-9478: Use after free in ANGLE. Reported by Google Big Sleep on 2025-08-11 Patch: https://t.co/YIpkUvdYI4
@BugsAggregator
28 Aug 2025
1220 Impressions
3 Retweets
7 Likes
5 Bookmarks
0 Replies
0 Quotes
"⚠️ Google Chrome in danger! Hackers can take control of your computer if you DO NOT update NOW! 👨💻🔥" 🚨 Google has just released an emergency update for Chrome! 🔧 💻 Vulnerability with code CVE-2025-9478 allows hackers to execute malicious code remotely!
@ASEN_K_TS
27 Aug 2025
57 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Chrome Use After Free Vulnerability Let Attackers Execute Arbitrary Code Read more: https://t.co/HpIonw0zWi 👉 Google has released an emergency security update for Chrome to address a critical use-after-free vulnerability (CVE-2025-9478) in the ANGLE graphics h
@The_Cyber_News
27 Aug 2025
905 Impressions
5 Retweets
13 Likes
4 Bookmarks
0 Replies
0 Quotes
CVE-2025-9478 Use after free in ANGLE in Google Chrome prior to 139.0.7258.154 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium sec… https://t.co/2g9vp30xoZ
@CVEnew
26 Aug 2025
339 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
1 Quote
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D227C26E-2612-4BEC-8C75-E1AF5E0861D1",
"versionEndExcluding": "139.0.7258.154"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]