CVE-2025-13952 GPU DDK - libusc UAF via WebGPU shaders at MergeConsecutiveBarriersBP

A web page that contains unusual GPU shader code is loaded from the Internet into the GPU compiler process triggers a write use-after-free crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the...

PT-2024-3654 · Google +4 · Google Chrome +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 125.0.6422.60 Description: The issue is related to a use after free in the Dawn component, allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page. This could be achieved throu...