CVE-2025-8879

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-8879
Heap buffer overflow in libaom in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to potentially exploit heap corruption via a curated set of gestures. (Chromium security severity: High)
CVSS

No CVSS.

References
Link Resource
https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html Release Notes Vendor Advisory
https://issues.chromium.org/issues/432035817 Issue Tracking Permissions Required
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
History

14 Aug 2025, 01:07

Type Values Removed Values Added
References () https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html - () https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html - Release Notes, Vendor Advisory
References () https://issues.chromium.org/issues/432035817 - () https://issues.chromium.org/issues/432035817 - Issue Tracking, Permissions Required
CWE CWE-122
First Time Google
Linux
Microsoft windows
Google chrome
Apple macos
Apple
Linux linux Kernel
Microsoft
CPE cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

13 Aug 2025, 03:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-08-13 03:15

Updated : 2025-08-14 01:07

NVD link : CVE-2025-8879

Mitre link : CVE-2025-8879

JSON object : View

Products Affected

linux

  • linux_kernel

google

  • chrome

microsoft

  • windows

apple

  • macos
CWE

No CWE.