ChromeOS Multiple Vulnerabilities

Release Date: 24 Jul 2025

RISK: Extremely High Risk

TYPE: Clients - Browsers

Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and security restriction bypass on the targeted system.

 

Note:

CVE-2025-6558 is being exploited in the wild. Incorrect validation of untrusted input in ANGLE and GPU.

---

Impact

• Remote Code Execution
• Denial of Service
• Security Restriction Bypass

---

System / Technologies affected

• ChromeOS version 16238.62.0 （Browser version 136.0.7103.150）

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor. For detail, please refer to the link below:

• https://chromereleases.googleblog.com/2025/07/stable-chanel-update-for-chromeos.html

---

Vulnerability Identifier

• CVE-2025-6044
• CVE-2025-6555
• CVE-2025-6556
• CVE-2025-6558
• CVE-2025-7656
• CVE-2025-7657

---

Source

• Chrome

---

Related Link

• https://chromereleases.googleblog.com/2025/07/stable-chanel-update-for-chromeos.html