July 1, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Public PoC Released for Critical Linux Kernel Bug
March 25, 2025Multiple Intel Products Vulnerabilities
March 25, 2025Public PoC Released for Critical Linux Kernel Bug
March 25, 2025Multiple Intel Products Vulnerabilities
March 25, 2025
Severity
High
Analysis Summary
CVE-2025-2476 CVSS:8.8
Use after free in Lens in Google Chrome prior to 134.0.6998.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2024-56191 CVSS:8.4
Google Android could allow a local attacker to gain elevated privileges on the system, caused by an integer overflow in dhd_process_full_gscan_result of dhd_pno.c.
CVE-2024-56192 CVSS:8.4
Google Android could allow a local attacker to gain elevated privileges on the system, caused by an out-of-bounds write due to a missing bounds check in wl_notify_gscan_event of wl_cfgscan.c.
CVE-2024-56187 CVSS:8.2
Google Android could allow a local authenticated attacker to obtain sensitive information, caused by arbitrary read from TEE memory due to a logic error in the code in ppcfw_deny_sec_dram_access of ppcfw.c.
CVE-2024-56188 CVSS:7.5
Google Android is vulnerable to a denial of service, caused by a modem crash due to a missing null check.
Impact
- Code Execution
- Privilege Escalation
- Information Disclosure
- Denial of Service
- Gain Access
Indicators of Compromise
CVE
CVE-2025-2476
CVE-2024-56191
CVE-2024-56192
CVE-2024-56187
CVE-2024-56188
Affected Vendors
Affected Products
- Google Android
- Google Chrome - 134.0
Remediation
Upgrade to the latest version, available from the Google Website.