AI description
CVE-2025-0999 is a high-severity heap buffer overflow vulnerability found in V8, the JavaScript engine used by Google Chrome. It was reported by Seunghyun Lee (@0x10n) on February 4, 2025, and Google awarded $11,000 for the discovery. The vulnerability has been patched in Chrome version 133.0.6943.126/.127 for Windows and Mac, and 133.0.6943.126 for Linux. This update was released to the Stable channel on February 18, 2025. A heap buffer overflow occurs when a program attempts to write data beyond the allocated buffer size on the heap, a region of memory used for dynamic allocation. This can lead to corruption of adjacent memory, potentially allowing for arbitrary code execution. V8's role as the JavaScript engine makes this vulnerability particularly significant, as exploitation could allow malicious JavaScript code to compromise a user's system. Users are strongly encouraged to update their Chrome browsers to the latest version to mitigate this risk.
- Description
- Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- Source
- chrome-cve-admin@google.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
Threat Alert: CVE-2025-0999 &amp- CVE-2025-1426: Chrome's Latest Update Patches Major Security CVE-2025-1006 CVE-2025-1426 CVE-2025-0999 Severity: 🔴 High Maturity: 💢 Emerging Learn more: https://t.co/AR9wrdocjd #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
20 Feb 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0999 Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium … https://t.co/KzFE0wS0ZF
@CVEnew
19 Feb 2025
216 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
wow... (CVE-2025-0999)[$11000][394350433][wasm-to-js]Heap-BoF(overflowing the uint16_t input_count) "...can create an op with more than 2^16-1 inputs, which breaks Turboshaft's implementation limit.." https://t.co/SzK0m3pNV8 https://t.co/IwR4IhCDC3 https://t.co/eZ5sl92zav @0x10n
@xvonfers
19 Feb 2025
1146 Impressions
3 Retweets
22 Likes
5 Bookmarks
0 Replies
0 Quotes
Google Chrome update on Feb 18 includes 3 security fixes. one fixed in v8. [$11000][394350433] CVE-2025-0999: Heap buffer overflow in V8. Reported by Seunghyun Lee (@0x10n) on 2025-02-04👏 https://t.co/PwP9CF8C4y
@Andrei09230811
19 Feb 2025
2121 Impressions
2 Retweets
35 Likes
9 Bookmarks
0 Replies
0 Quotes
CVE-2025-0999 & CVE-2025-1426: Chrome’s Latest Update Patches Major Security Risks https://t.co/gYoVZJpfPM
@Dinosn
19 Feb 2025
2007 Impressions
8 Retweets
7 Likes
2 Bookmarks
0 Replies
0 Quotes
Chrome安定版で重要なセキュリティ更新。CVE-2025-0999はV8 JavaScriptエンジンにおけるヒープバッファオーバーフロー。CVE-2025-1426はGPUプロセスにおけるヒープバッファオーバーフロー。CVE-2025-1006はNetworkコンポーネントにおける開放後メモリ使用。 https://t.co/H30Jjm75k8
@__kokumoto
19 Feb 2025
880 Impressions
3 Retweets
5 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-0999 & CVE-2025-1426: Chrome's Latest Update Patches Major Security Risks The recent #Google #Chrome update tackles CVE-2025-0999, a serious heap buffer overflow. Update your browser now. https://t.co/phUwRidH1o
@the_yellow_fall
19 Feb 2025
253 Impressions
2 Retweets
1 Like
2 Bookmarks
0 Replies
0 Quotes