Description
Heap buffer overflow in Chromecast in Google Chrome on Android, Linux, ChromeOS prior to 148.0.7778.179 allowed a local attacker to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: Medium)
Published: 2026-05-20
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A heap buffer overflow exists in the Chromecast component of Google Chrome on Android, Linux, and ChromeOS for builds prior to 148.0.7778.179. The vulnerability allows a local user to inject malicious network traffic that can trigger a buffer overflow and lead to arbitrary code execution inside a Chrome sandboxed process. This flaw falls under CWE‑122 (heap-based buffer overflow) and CWE‑120 (improper buffer size calculation). Chromium labels the issue as medium severity. The impact is that the code runs with the privileges to Chrome’s sandbox, which can enable broader system compromise if privilege escalation is possible.

Affected Systems

The affected products include Google Chrome deployed on Android devices, Linux distributions, and ChromeOS devices running versions older than 148.0.7778.179. Users on these platforms that have not applied the latest patch are at risk.

Risk and Exploitability

The vulnerability requires that an attacker has local access to the device and can generate network traffic directed at Chrome’s Chromecast interface. No publicly documented exploits exist, which is reflected in the EPSS score of less than 1%, indicating a low probability of exploitation. The CVSS score of 7.5 denotes high severity. Because the flaw is limited to the Chrome sandbox, the potential damage is confined to what the sandbox permits, but the local nature of the attack makes immediate action important.

Generated by OpenCVE AI on May 29, 2026 at 04:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Google Chrome to version 148.0.7778.179 or later, which removes the buffer overflow bug.
  • If a patch cannot be applied immediately, disable the Chromecast feature in Chrome or configure the corresponding policy to block local discovery of network devices.
  • Configure network filtering rules to prevent unexpected local or network traffic from reaching the Chromecast service until the vulnerability is remediated.

Generated by OpenCVE AI on May 29, 2026 at 04:36 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6287-1 chromium security update
History

Fri, 29 May 2026 00:15:00 +0000

Type Values Removed Values Added
Title Local Heap Buffer Overflow in Chromecast Allows Code Execution chromium-browser: Heap buffer overflow in Chromecast
Weaknesses CWE-120
References
Metrics threat_severity

None

 threat_severity

Moderate

Thu, 21 May 2026 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Google android
Google chrome Os
Linux
Linux linux Kernel
CPEs cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Vendors & Products Google android
Google chrome Os
Linux
Linux linux Kernel

Wed, 20 May 2026 22:00:00 +0000

Type Values Removed Values Added
Title Local Heap Buffer Overflow in Chromecast Allows Code Execution

Wed, 20 May 2026 21:00:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Wed, 20 May 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 20 May 2026 19:30:00 +0000

Type Values Removed Values Added
Description Heap buffer overflow in Chromecast in Google Chrome on Android, Linux, ChromeOS prior to 148.0.7778.179 allowed a local attacker to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: Medium)
Weaknesses CWE-122
References

Subscriptions

Google Android Chrome Chrome Os
Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-21T03:55:52.038Z

Reserved: 2026-05-20T17:39:25.277Z

Link: CVE-2026-9123

cve-icon Vulnrichment

Updated: 2026-05-20T19:32:17.920Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-20T20:16:45.170

Modified: 2026-06-05T17:25:17.257

Link: CVE-2026-9123

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-05-19T00:00:00Z

Links: CVE-2026-9123 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-29T04:45:36Z

Weaknesses