Chrome Stable Channel Out fixing CVE-2025-0611 and CVE-2025-0612

Key Security Fixes

• CVE-2025-0611: Object Corruption in V8
• Description: This vulnerability pertains to an object corruption issue in the V8 JavaScript engine used by Chrome. Object corruption vulnerabilities can lead to unexpected behavior, crashes, or even arbitrary code execution.
• Impact: If exploited, this flaw allows attackers to execute arbitrary code on the targeted system. This means an attacker could potentially take control of the affected system, install malware, or access sensitive information.
• Resolution: The update includes a patch to address the improper handling of objects in V8, preventing potential exploitation.
• CVE-2025-0612: Out-of-Bounds Memory Access in V8
• Description: This issue involves out-of-bounds memory access within the V8 engine. Out-of-bounds vulnerabilities occur when a program reads or writes data outside the boundaries of allocated memory, leading to crashes or arbitrary code execution.
• Impact: Successful exploitation of this vulnerability can result in remote code execution, allowing attackers to perform unauthorized actions on the affected system.
• Resolution: The update corrects the memory access handling to ensure data is read and written within the appropriate memory bounds.
• Various Fixes: The update also includes numerous improvements from internal audits, fuzzing, and other security initiatives aimed at enhancing overall stability and security. These improvements address various lesser-known vulnerabilities and strengthen Chrome’s security posture.

Additional Features and Improvements

HTML and DOM Enhancements

• Popover and Dialog Handling: The update improves the handling of popovers and dialogs in non-active documents. This ensures a more seamless user experience when interacting with dynamic web content.
• Element Upgrades: Enhancements to the HTML and DOM specifications make it easier for developers to work with custom elements and improve the performance of web applications.

CSS Improvements

• Sideways Writing Modes: Support for sideways writing modes has been added, allowing better layout and rendering of content in languages that are written vertically, such as Chinese and Japanese.
• Anchor Positioning Enhancements: The update includes improvements to CSS anchor positioning, providing more precise control over the placement of elements in relation to each other.

Fetch API Updates

• Addition of bytes() Method: The Request and Response interfaces in the Fetch API have been updated with the bytes() method. This addition enhances the ergonomics of working with binary data, making it easier for developers to handle streaming and processing of binary content.