Impact
Use after free condition in Chrome's Touchbar code occurs when a previously freed object is accessed again. An attacker can deliver a specially crafted HTML page that triggers this use after free, potentially allowing the attacker to escape the browser sandbox and execute code with host‑level privileges. The weakness is labeled CWE‑416 and the security severity is high. Such an escape could compromise confidentiality, integrity, and availability of the affected system.
Affected Systems
The vulnerability affects Google Chrome running on macOS before the patch version 150.0.7871.47. All earlier stable channel builds that include the Touchbar functionality are vulnerable. The affected product is Google Chrome for macOS, with affected versions up to and including 150.0.7871.46.
Risk and Exploitability
The CVSS score is not provided, but the vulnerability is classified as high severity. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is remote: a malicious webpage can be served to a user who has Chrome open. Exploitation requires that the user visits a page containing the crafted HTML. Once the use after free occurs, the attacker may escape the sandbox, potentially leading to remote code execution. Due to the absence of publicly known exploit code, the actual exploitation risk remains uncertain but significant.
OpenCVE Enrichment