Ce mail provient de l'extérieur, restons vigilants ===================================================================== CERT-Renater Note d'Information No. 2026/VULN234 _____________________________________________________________________ DATE : 27/02/2026 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running ChromeOS / ChromeOS Flex versions prior to 16552.47.0. ===================================================================== https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-chromeos_26.html _____________________________________________________________________ Stable Channel Update for ChromeOS / ChromeOS Flex Thursday, February 26, 2026 M-145, ChromeOS version 16552.47.0 (Browser version 145.0.7632.154) has rolled out to ChromeOS devices on the Stable channel. If you find new issues, please let us know one of the following ways: File a bug Visit our ChromeOS communities General: Chromebook Help Community Beta Specific: ChromeOS Beta Help Community Report an issue or send feedback on Chrome Interested in switching channels? Find out how. Security Fixes and Rewards ChromeOS Vulnerability Rewards Program Reported Bug Fixes: N/A Other 3rd Party Security Fixes Included: High Fixes CVE-2025-38349 kernel Use-After-Free (UAF) fix High Fixes CVE-2025-0932 potential UAF in the ARM shader compiler reachable through WebGPU High Fixes CVE-2025-21704 buffer size check in the USB CDC-ACM driver Android Security fixes can be found here Chrome Browser Security Fixes: [$TBD] [478560268] High CVE-2026-2314 blink_avif_decoder_fuzzer: Heap-buffer-overflow in InterpolateRow_Any_AVX2 on 2026-01-25 [$1000.0] [470928605] Low CVE-2026-2322 On Ubuntu (or other Linux-based systems) an attacker can steal files uploaded to other sites with little user interaction. on 2025-12-22 [$500.0] [467442136] Low CVE-2026-2323 when the filename contains a very long with special character can break/remove the extension of file in download buble Reported by [[goes here]] on 2025-12-09 [$8000.0] [467297219] High CVE-2026-2313 Use-After-Poison in RouteMap::UpdateActiveRoutes on 2025-12-09 [$2000.0] [464173573] Medium CVE-2026-2317 KeyframeEffect constructor leaks UA shadow root. Reported by [Brendan Draper] on 2025-11-27 [$TBD] [461877477] Medium CVE-2026-2321 heap-use-after-free : base::ScopedObservationTraits::RemoveObserver on 2025-11-18 [$TBD] [435684924] Medium CVE-2026-2320 Security: Compromised renderer can read files through file picker dialog with kSave mode + prefilled filename Reported by [Alesandro Ortiz https://AlesandroOrtiz.com] on 2025-08-01 [$5000.0] [422531206] Medium CVE-2026-2316 Intersection Observer v2 API fails to correctly determine target's visibility for dynamically changed z-indexes, enabling clickjacking against Google One Tap Reported by [Luan Herrera (@lbherrera_)] on 2025-06-04 [$1000.0] [363930141] Medium CVE-2026-2318 User can unknowingly Execute External File Hidden behind PiP during Interaction Reported by [Shaheen Fazim] on 2024-09-02 [$1000.0] [40071155] Medium CVE-2026-2319 UAF in v8_inspector DomainDispatcherImpl on 2023-09-01 [$TBD] [483569511] High CVE-2026-2441 Heap-use-after-free in blink::FontFeatureValuesMapIterationSource::FetchNextItem Reported by [Shaheen Fazim] on 2026-02-11 [$11000.0] [481074858] High CVE-2026-2649 V8: Integer Truncation in Turboshaft PhiOp input_count via WASM br_table Reported by [JunYoung Park(@candymate) of KAIST Hacking Lab] on 2026-02-02 [$11000.0] [477033835] High CVE-2026-2648 PDFium heap-buffer-overflow at opj_j2k_read_sod Reported by [soiax] on 2026-01-19 [$TBD] [476461867] Medium CVE-2026-2650 media_pipeline_integration_fuzzer: Heap-buffer-overflow in media::AudioBuffer::AudioBuffer on 2026-01-17 Andy Wu Google ChromeOS ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================