Chrome Update: Google Patches High-Severity Use-After-Free in Media Stream (CVE-2025-8292)
Do Son 
Google has announced a Stable Channel update for Chrome Desktop, pushing version 138.0.7204.183/.184 to users on Windows and Mac, and 138.0.7204.183 to Linux. The update is being rolled out incrementally over the coming days and weeks to ensure a smooth transition and maximum user protection.
As with most Chrome updates, the details of the vulnerabilities remain under wraps—at least until the majority of users have received the fix. This practice helps protect those still running outdated versions from opportunistic threat actors.
Of the four security fixes included in this update, CVE-2025-8292 is a high-severity Use-After-Free vulnerability in Chrome’s Media Stream component.
This flaw was responsibly reported by an anonymous researcher on June 19, 2025, and earned a bounty of $8,000 under Google’s Vulnerability Reward Program.
Use-after-free vulnerabilities arise when a program continues to use a memory location after it has been freed, opening the door for attackers to manipulate that memory and potentially execute arbitrary code. When such flaws affect media stream handling—a component heavily used in video conferencing, screen sharing, and live content—they present serious privacy and security risks.
If you’re a Chrome user on Windows, macOS, or Linux, your browser will automatically update in the background—but you can accelerate the process by navigating to: Chrome Menu > Help > About Google Chrome.
Once the update is downloaded, restart your browser to apply the fixes.
Related Posts:
- Chrome Releases Stable Channel Update Addressing High Security Vulnerabilities
- Chrome 132 Arrives: 16 Security Fixes in Latest Stable Release
- Mozilla releases emergency update to fix two exploited zero-day vulnerabilities in Firefox
- VmWare release the patch to fix use-after-free and integer-overflow vulnerabilities
Support Our Threat Intelligence
If you find our CVE report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
