ISN 2025-33: Chromium Vulnerabilities

First published 12 August 2025

CVSS:3.1: 8.8 (High)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

Multiple security vulnerabilities have been found in Chromium, a web browser used in IGEL OS. This affects the following product versions:

• IGEL OS 12

• IGEL OS 11

Details

Two instances of type confusion in Chromium’s JavaScript engine V8 may allow a remote attacker to exploit heap corruption via a crafted HTML page (CVE-2025-8010 and CVE-2025-8011, both rated high). Besides this, the Media Stream component has been found to contain a use-after-free (CVE-2025-8292, high).

Update Instructions

• OS 12: Update to IGEL OS 12 Chromium app version 139.0.7258.66 or newer when available from the IGEL App Portal.

• OS 11: Update to IGEL OS version 11.11.100 when available.

References

• Chrome Releases Blog: https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html

• Chrome Releases Blog: https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_29.html