Google Chrome Os vulnerabilities

CVE-2025-6044 [MEDIUM] CWE-287 CVE-2025-6044: An Improper Access Control vulnerability in the Stylus Tools component of Google ChromeOS version 16 An Improper Access Control vulnerability in the Stylus Tools component of Google ChromeOS version 16238.64.0 on the garaged stylus devices allows a physical attacker to bypass the lock screen and access user files by removing the stylus while the device is closed and using the screen capture feature.

CVE-2025-6179 [CRITICAL] CWE-276 CVE-2025-6179: Permissions Bypass in Extension Management in Google ChromeOS 16181.27.0 on managed Chrome d Permissions Bypass in Extension Management in Google ChromeOS 16181.27.0 on managed Chrome devices allows a local attacker to disable extensions and access Developer Mode, including loading additional extensions via exploiting vulnerabilities using the ExtHang3r and ExtPrint3r tools.

CVE-2025-6177 [HIGH] CWE-269 CVE-2025-6177: Privilege Escalation in MiniOS in Google ChromeOS (16063.45.2 and potentially others) on enrolled de Privilege Escalation in MiniOS in Google ChromeOS (16063.45.2 and potentially others) on enrolled devices allows a local attacker to gain root code execution via exploiting a debug shell (VT3 console) accessible through specific key combinations during developer mode entry and MiniOS access, even when developer mode is blocked by device policy or Firmwa

CVE-2025-2509 [HIGH] CWE-125 CVE-2025-2509: Out-of-Bounds Read in Virglrenderer in ChromeOS 16093.57.0 allows a malicious guest VM to achieve a Out-of-Bounds Read in Virglrenderer in ChromeOS 16093.57.0 allows a malicious guest VM to achieve arbitrary address access within the crosvm sandboxed process, potentially leading to VM escape via crafted vertex elements data triggering an out-of-bounds read in util_format_description.

CVE-2025-1290 [HIGH] CWE-416 CVE-2025-1290: A race condition Use-After-Free vulnerability exists in the virtio_transport_space_update function w A race condition Use-After-Free vulnerability exists in the virtio_transport_space_update function within the Kernel 5.4 on ChromeOS. Concurrent allocation and freeing of the virtio_vsock_sock structure during an AF_VSOCK connect syscall can occur before a worker thread accesses it resulting in a dangling pointer and potential kernel code execution.

CVE-2025-2073 [HIGH] CWE-125 CVE-2025-2073: Out-of-Bounds Read in netfilter/ipset in Linux Kernel ChromeOS [6.1, 5.15, 5.10, 5.4, 4.19] allows a Out-of-Bounds Read in netfilter/ipset in Linux Kernel ChromeOS [6.1, 5.15, 5.10, 5.4, 4.19] allows a local attacker with low privileges to trigger an out-of-bounds read, potentially leading to information disclosure

CVE-2025-1568 [HIGH] CWE-284 CVE-2025-1568: Access Control Vulnerability in Gerrit chromiumos project configuration in Google ChromeOS 16063.87. Access Control Vulnerability in Gerrit chromiumos project configuration in Google ChromeOS 16063.87.0 allows an attacker with a registered Gerrit account to inject malicious code into ChromeOS projects and potentially achieve Remote Code Execution and Denial of Service via editing trusted pipelines by insufficient access controls and misconfigurations i

CVE-2025-1566 [HIGH] CWE-1319 CVE-2025-1566: DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 16002.23.0 allows network o DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 16002.23.0 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state transitions.

CVE-2025-1704 [MEDIUM] CWE-416 CVE-2025-1704: ComponentInstaller Modification in ComponentInstaller in Google ChromeOS 15823.23.0 on Chromebooks a ComponentInstaller Modification in ComponentInstaller in Google ChromeOS 15823.23.0 on Chromebooks allows enrolled users with local access to unenroll devices and intercept device management requests via loading components from the unencrypted stateful partition.

CVE-2025-1121 [MEDIUM] CWE-269 CVE-2025-1121: Privilege escalation in Installer and Recovery image handling in Google ChromeOS version 15786.48.2 Privilege escalation in Installer and Recovery image handling in Google ChromeOS version 15786.48.2 on device allows an attacker with physical access to gain root code execution and potentially unenroll enterprise-managed devices via a specially crafted recovery image.

CVE-2019-16508 [HIGH] CWE-190 CVE-2019-16508: The Imagination Technologies driver for Chrome OS before R74-11895.B, R75 before R75-12105.B, and R7 The Imagination Technologies driver for Chrome OS before R74-11895.B, R75 before R75-12105.B, and R76 before R76-12208.0.0 allows attackers to trigger an Integer Overflow and gain privileges via a malicious application. This occurs because of intentional access for the GPU process to /dev/dri/card1 and the PowerVR ioctl handler, as demonstrated by PVR

CVE-2016-5179 [CRITICAL] CWE-119 CVE-2016-5179: Chrome OS before 53.0.2785.144 allows remote attackers to execute arbitrary commands at boot. Chrome OS before 53.0.2785.144 allows remote attackers to execute arbitrary commands at boot.

CVE-2017-15397 [HIGH] CWE-311 CVE-2017-15397: Inappropriate implementation in ChromeVox in Google Chrome OS prior to 62.0.3202.74 allowed a remote Inappropriate implementation in ChromeVox in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker in a privileged network position to observe or tamper with certain cleartext HTTP requests by leveraging that position.

CVE-2017-15400 [HIGH] CWE-93 CVE-2017-15400: Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue.

CVE-2017-5084 [LOW] CWE-269 CVE-2017-5084: Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a loc Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint.

CVE-2016-5169 [HIGH] CVE-2016-5169: Format string vulnerability in Google Chrome OS before 53.0.2785.103 allows remote attackers to caus Format string vulnerability in Google Chrome OS before 53.0.2785.103 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2014-3188 [CRITICAL] CWE-94 CVE-2014-3188: Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the int Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors involving JSON data, related to improper parsing of an escaped index by ParseJsonObject in json-parser.h.

CVE-2014-1708 [CRITICAL] CVE-2014-1708: The boot implementation in Google Chrome OS before 33.0.1750.152 does not properly consider file per The boot implementation in Google Chrome OS before 33.0.1750.152 does not properly consider file persistence, which allows remote attackers to execute arbitrary code via unspecified vectors.

CVE-2014-1706 [HIGH] CVE-2014-1706: crosh in Google Chrome OS before 33.0.1750.152 allows attackers to inject commands via unspecified v crosh in Google Chrome OS before 33.0.1750.152 allows attackers to inject commands via unspecified vectors.

CVE-2014-1711 [HIGH] CWE-119 CVE-2014-1711: The GPU driver in the kernel in Google Chrome OS before 33.0.1750.152 allows remote attackers to cau The GPU driver in the kernel in Google Chrome OS before 33.0.1750.152 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.