Description
Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a local attacker to potentially exploit heap corruption via physical access to the device. (Chromium security severity: Critical)
Published: 2026-06-08
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A use‑after‑free flaw exists in Chrome’s Ozone rendering engine that can corrupt heap memory and potentially allow a local attacker with physical access to execute arbitrary code or crash the browser. Based on the description, it is inferred that executing code is possible, though the advisory does not explicitly confirm this capability.

Affected Systems

Google Chrome versions that precede 149.0.7827.103 on any platform that uses the Ozone graphics stack are affected. Users running older releases of Chrome are potentially exposed to this flaw.

Risk and Exploitability

Chromium rates the issue as Critical, but the CVSS score of 6.8 indicates moderate overall severity. It requires local access and a user physically present at the device, limiting remote exploitation. No public exploits have been reported and the vulnerability is not included in the CISA KEV catalog. The EPSS score of <1% indicates a very low exploitation probability, but the moderate severity still warrants patching where local access is possible.

Generated by OpenCVE AI on June 11, 2026 at 03:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Google Chrome to version 149.0.7827.103 or later. This patch fixes the Ozone use‑after‑free flaw.
  • Enforce strict physical security controls to limit local access to the device, thereby reducing the opportunity for a local attacker to exploit the flaw.
  • Enable Chrome’s sandbox and harden OS‑level security (e.g., AppArmor or SELinux profiles) to mitigate potential memory‑corruption impacts.

Generated by OpenCVE AI on June 11, 2026 at 03:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6337-1 chromium security update
History

Thu, 11 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Title chromium-browser: Use after free in Ozone
Weaknesses CWE-825
References
Metrics threat_severity

None

 threat_severity

Important

Tue, 09 Jun 2026 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows
CPEs cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos
Linux
Linux linux Kernel
Microsoft
Microsoft windows

Tue, 09 Jun 2026 04:15:00 +0000

Type Values Removed Values Added
Title Local Use‑After‑Free in Chrome Ozone Rendering Engine Leading to Heap Corruption

Tue, 09 Jun 2026 02:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 6.8, 'vector': 'CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 09 Jun 2026 01:45:00 +0000

Type Values Removed Values Added
Title Local Use‑After‑Free in Chrome Ozone Rendering Engine Leading to Heap Corruption

Tue, 09 Jun 2026 00:45:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Mon, 08 Jun 2026 23:45:00 +0000

Type Values Removed Values Added
Description Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a local attacker to potentially exploit heap corruption via physical access to the device. (Chromium security severity: Critical)
Weaknesses CWE-416
References

Subscriptions

Apple Macos
Google Chrome
Linux Linux Kernel
Microsoft Windows
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-06-09T01:51:39.968Z

Reserved: 2026-06-08T21:33:31.447Z

Link: CVE-2026-11628

cve-icon Vulnrichment

Updated: 2026-06-09T01:51:23.984Z

cve-icon NVD

Status : Analyzed

Published: 2026-06-09T00:16:45.270

Modified: 2026-06-09T14:54:37.583

Link: CVE-2026-11628

cve-icon Redhat

Severity : Important

Publid Date: 2026-06-08T00:00:00Z

Links: CVE-2026-11628 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-11T03:30:03Z

Weaknesses