CVE-2025-1918
📋 TL;DR
This vulnerability allows a remote attacker to read memory outside the intended buffer boundaries in Chrome's PDF rendering engine (PDFium) by tricking a user into opening a malicious PDF file. All Chrome users on affected versions are vulnerable when viewing PDFs, which could lead to information disclosure or system compromise. The severity is rated Medium by Chromium but CVSS 8.8 indicates high risk.
💻 Affected Systems
- Google Chrome
- Chromium-based browsers
📦 What is this software?
Chrome by Google
Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...
⚠️ Risk & Real-World Impact
Worst Case
Arbitrary code execution leading to full system compromise, data theft, or ransomware deployment through memory corruption chained with other vulnerabilities.
Likely Case
Information disclosure through memory leaks, application crashes (denial of service), or limited data exfiltration from browser memory.
If Mitigated
Application crash with no data loss if sandboxing and other Chrome security features contain the exploit.
🎯 Exploit Status
Exploitation requires user interaction (opening a PDF) but no authentication. Out-of-bounds read vulnerabilities often require chaining with other bugs for full exploitation.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 134.0.6998.35 and later
Vendor Advisory: https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html
Restart Required: Yes
Instructions:
1. Open Chrome.
2. Click three-dot menu → Help → About Google Chrome.
3. Chrome will automatically check for and install updates.
4. Click 'Relaunch' to restart Chrome with the patched version.
🔧 Temporary Workarounds
Disable built-in PDF viewer
All platforms: Force Chrome to download PDFs instead of rendering them internally
chrome://settings/content/pdfDocuments → Toggle 'Download PDF files instead of automatically opening them in Chrome'
Use alternative PDF viewer
All platforms: Configure external PDF applications to handle PDF files
🧯 If You Can't Patch
- Block PDF file downloads at network perimeter using content filtering
- Implement application allowlisting to prevent unauthorized Chrome usage
🔍 How to Verify
Check if Vulnerable:
Check Chrome version: if below 134.0.6998.35, system is vulnerable
Check Version:
chrome://version/ or 'google-chrome --version' (Linux/macOS)
Verify Fix Applied:
Confirm Chrome version is 134.0.6998.35 or higher after update
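The version check above as a script, for auditing more than one host. This is an added example, not part of the vendor advisory; the function names are hypothetical and the sample version strings are constructed. It compares the four version components as integers, because a plain string comparison would rank 99.x above 134.x.

```shell
#!/bin/sh
# Fixed version, taken from the advisory above.
FIXED_VERSION="134.0.6998.35"

# Pull the first four-part dotted version out of a string such as
# "Google Chrome 133.0.6943.141" (the output of `google-chrome --version`).
extract_version() {
    printf '%s\n' "$1" | grep -Eo '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | head -n 1
}

# version_lt A B: exit 0 when A is numerically lower than B, else exit 1.
# Components are compared as integers, left to right, so 99.x sorts below
# 134.x; missing components count as 0.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        max = (n > m) ? n : m
        for (i = 1; i <= max; i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1
    }'
}

# chrome_status "<version output>": prints VULNERABLE, PATCHED or UNKNOWN.
chrome_status() {
    v=$(extract_version "$1")
    if [ -z "$v" ]; then
        echo "UNKNOWN"
    elif version_lt "$v" "$FIXED_VERSION"; then
        echo "VULNERABLE"
    else
        echo "PATCHED"
    fi
}

# Constructed sample inputs (not captured from real hosts).
for sample in "Google Chrome 133.0.6943.141" "Google Chrome 134.0.6998.35" \
              "Google Chrome 99.0.4844.84" "not installed"; do
    printf '%-32s %s\n' "$sample" "$(chrome_status "$sample")"
done
# On a real host: chrome_status "$(google-chrome --version 2>/dev/null)"
```

An UNKNOWN result means no version string could be parsed, so treat that host as unverified rather than patched.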
📡 Detection & Monitoring
Log Indicators:
- Chrome crash reports with PDFium-related stack traces
- Unexpected Chrome process termination when viewing PDFs
Network Indicators:
- PDF file downloads from untrusted sources
- Unusual PDF file sizes or structures
SIEM Query:
source="chrome" AND (event="crash" OR event="error") AND process="chrome" AND (message="*PDFium*" OR message="*out_of_bounds*")