CVE-2025-8292

Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVSS

No CVSS.

References

Link	Resource
https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_29.html	Release Notes
https://issues.chromium.org/issues/426054987	Issue Tracking Permissions Required

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

OR	cpe:2.3:o:apple:macos:-:::::::*
	cpe:2.3:o:linux:linux_kernel:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

History

01 Aug 2025, 14:37

Type	Values Removed	Values Added
First Time		Google Linux Microsoft windows Google chrome Apple macos Apple Linux linux Kernel Microsoft
CPE		cpe:2.3:o:microsoft:windows:-:::::::* cpe:2.3:o:linux:linux_kernel:-:::::::* cpe:2.3:o:apple:macos:-:::::::* cpe:2.3:a:google:chrome::::::::
References	~~() https://issues.chromium.org/issues/426054987 -~~	() https://issues.chromium.org/issues/426054987 - Issue Tracking, Permissions Required
References	~~() https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_29.html -~~	() https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_29.html - Release Notes

30 Jul 2025, 15:15

Type	Values Removed	Values Added
CWE	~~CWE-416~~

30 Jul 2025, 02:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-30 02:17

Updated : 2025-08-01 14:37

NVD link : CVE-2025-8292

Mitre link : CVE-2025-8292

JSON object : View

Products Affected

linux

linux_kernel

google

chrome

microsoft

windows

apple

macos

CWE

No CWE.

JSON object

Attach tags to CVE-2025-8292

Attach tags to `CVE-2025-8292`