Description
Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Product(s):
- Google Chrome
- Google Chrome 0.1.38.1
- Google Chrome 0.1.38.2
- Google Chrome 0.1.38.4
- Google Chrome 0.1.40.1
- Google Chrome 0.1.42.2
- Google Chrome 0.1.42.3
- Google Chrome 0.2.149.27
- Google Chrome 0.2.149.29
- Google Chrome 0.2.149.30
- Google Chrome 0.2.152.1
- Google Chrome 0.2.153.1
- Google Chrome 0.3.154.0
- Google Chrome 0.3.154.3
- Google Chrome 0.4.154.18
- Google Chrome 0.4.154.22
- Google Chrome 0.4.154.31
- Google Chrome 0.4.154.33
- Google Chrome 1.0.154.36
- Google Chrome 1.0.154.39
- Google Chrome 1.0.154.42
- Google Chrome 1.0.154.43
- Google Chrome 1.0.154.46
- Google Chrome 1.0.154.48
- Google Chrome 1.0.154.52
- Google Chrome 1.0.154.53
- Google Chrome 1.0.154.59
- Google Chrome 1.0.154.64
- Google Chrome 1.0.154.65
- Google Chrome 10.0.601.0
- Google Chrome 10.0.602.0
- Google Chrome 10.0.603.0
- Google Chrome 10.0.603.2
- Google Chrome 10.0.603.3
- Google Chrome 10.0.604.0
- Google Chrome 10.0.605.0
- Google Chrome 10.0.606.0
- Google Chrome 10.0.607.0
- Google Chrome 10.0.608.0
- Google Chrome 10.0.609.0
- Google Chrome 10.0.610.0
- Google Chrome 10.0.611.0
- Google Chrome 10.0.611.1
- Google Chrome 10.0.612.0
- Google Chrome 10.0.612.1
- Google Chrome 10.0.612.2
- Google Chrome 10.0.612.3
- Google Chrome 10.0.613.0
- Google Chrome 10.0.614.0
- Google Chrome 10.0.615.0
- Google Chrome 10.0.616.0
- Google Chrome 10.0.617.0
- Google Chrome 10.0.618.0
- Google Chrome 10.0.619.0
- Google Chrome 10.0.620.0
- Google Chrome 10.0.621.0
- Google Chrome 10.0.622.0
- Google Chrome 10.0.622.1
- Google Chrome 10.0.623.0
- Google Chrome 10.0.624.0
- Google Chrome 10.0.625.0
- Google Chrome 10.0.626.0
- Google Chrome 10.0.627.0
- Google Chrome 10.0.628.0
- Google Chrome 10.0.629.0
- Google Chrome 10.0.630.0
- Google Chrome 10.0.631.0
- Google Chrome 10.0.632.0
- Google Chrome 10.0.633.0
- Google Chrome 10.0.634.0
- Google Chrome 10.0.634.1
- Google Chrome 10.0.635.0
- Google Chrome 10.0.636.0
- Google Chrome 10.0.638.0
- Google Chrome 10.0.638.1
- Google Chrome 10.0.639.0
- Google Chrome 10.0.640.0
- Google Chrome 10.0.642.0
- Google Chrome 10.0.642.1
- Google Chrome 10.0.642.2
- Google Chrome 10.0.643.0
- Google Chrome 10.0.644.0
- Google Chrome 10.0.645.0
- Google Chrome 10.0.646.0
- Google Chrome 10.0.647.0
- Google Chrome 10.0.648.0
- Google Chrome 10.0.648.101
- Google Chrome 10.0.648.103
- Google Chrome 10.0.648.105
- Google Chrome 10.0.648.107
- Google Chrome 10.0.648.10
- Google Chrome 10.0.648.114
- Google Chrome 10.0.648.116
- Google Chrome 10.0.648.118
- Google Chrome 10.0.648.119
- Google Chrome 10.0.648.11
- Google Chrome 10.0.648.120
- Google Chrome 10.0.648.121
- Google Chrome 10.0.648.122
- +9088 additional
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2025-7657, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2025-7657 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.