Introduction
A critical Use After Free in Google Chrome's Proxy component can let an attacker with a privileged network position escape the browser sandbox, turning what should be an isolated rendering context into a foothold on the underlying system. With Chrome commanding roughly 66.7 percent of the global desktop browser market as of March 2026, the sheer number of endpoints exposed to CVE-2026-6297 makes this one of the more consequential fixes in the April 2026 Stable channel update.
Technical Information
Root Cause: Use After Free in the Proxy Subsystem
CVE-2026-6297 is classified under CWE-416 (Use After Free). This class of vulnerability occurs when a program continues to reference memory after it has been freed. Depending on the state of the heap at the time of the dangling dereference, exploitation can cause a crash, produce unexpected values, or grant an attacker arbitrary code execution.
The vulnerable component is Chrome's Proxy subsystem. Based on the architecture of Chromium's networking stack, the affected code path likely resides under net/proxy_resolution/ or services/network/. In this scenario, a proxy-related object is freed during normal processing, but a pointer to that object persists and is later dereferenced. If an attacker can influence the contents of the freed memory region (for example, through heap spraying triggered by the crafted HTML page), they can redirect execution flow.
Why Sandbox Escape Matters
The NVD description explicitly states this vulnerability enables a sandbox escape. Chrome's multi-process architecture isolates the renderer process from the rest of the system using a sandbox. For a Use After Free in the Proxy component to cross that boundary, the freed object's code path must span the interface between the renderer process and the browser process (or the network service process). This is what elevates the severity from a typical renderer bug to a critical finding.
CISA-ADP assigned a CVSS v3.1 vector of AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H, yielding a score of 8.3 HIGH. The S:C (Scope: Changed) component directly reflects the sandbox escape: the vulnerability's impact extends beyond the security scope of the vulnerable component.
Attack Flow
- Network positioning: The attacker must occupy a privileged network position. This could mean operating a malicious Wi-Fi access point, performing ARP spoofing on a local network, or controlling an upstream proxy server.
- Proxy interaction: From this position, the attacker can influence or inject proxy-related responses that Chrome's networking layer processes.
- Crafted HTML delivery: The attacker serves or redirects the victim to a crafted HTML page. This page triggers the specific code path in the Proxy component where the Use After Free condition exists.
- Memory corruption: The freed proxy object is dereferenced. If the attacker has arranged for controlled data to occupy the freed memory (via heap manipulation techniques embedded in the HTML payload), they gain control of execution.
- Sandbox escape: Because the vulnerable code path crosses the renderer/browser process boundary, successful exploitation breaks out of Chrome's sandbox, potentially allowing code execution with the privileges of the browser process.
Context: A Dense Cluster of Critical Fixes
CVE-2026-6297 was not the only critical vulnerability patched on April 15, 2026. The release included 31 security fixes, five of which were rated Critical:
| CVE ID | Component | Vulnerability Type | Reporter | Bounty |
|---|---|---|---|---|
| CVE-2026-6296 | ANGLE | Heap buffer overflow | cinzinga | $90,000 |
| CVE-2026-6297 | Proxy | Use after free | heapracer | $10,000 |
| CVE-2026-6298 | Skia | Heap buffer overflow | 86ac1f1587b71893ed2ad792cd7dde32 | TBD |
| CVE-2026-6299 | Prerender | Use after free | N/A | |
| CVE-2026-6358 | XR | Use after free | Jihyeon Jeong | TBD |
The concentration of memory safety bugs across ANGLE, Skia, Prerender, and XR alongside the Proxy UAF underscores the breadth of this particular release.
Patch Information
Google addressed CVE-2026-6297 through the Chrome Stable channel update released on April 15, 2026, bringing the browser to version 147.0.7727.101 for Linux and 147.0.7727.101/102 for Windows and macOS. The fix was shipped as a point release on the existing Chrome 147 branch (branch-heads/7727) rather than a full milestone release, signaling the urgency with which the Chromium team treated this flaw.
The vulnerability is tracked in the Chromium issue tracker under issue 493628982. As is standard practice for Chromium security bugs of this severity, the bug tracker entry remains access restricted to prevent exploitation while the patch propagates globally.
Examining the Chromium source repository's git log between tags 147.0.7727.100 and 147.0.7727.101 reveals that the release includes several cherry-picked security fixes. While multiple UAF fixes were cherry-picked into this build, including fixes for ServiceWorkerContextCore and FileSystemAccessChangeSource, the specific Proxy component fix for CVE-2026-6297 does not appear under an explicitly labeled commit message. This is consistent with how the Chromium project handles its most sensitive security fixes: they are often rolled into the release branch via batched "Roll commits from side projects" merges (two such roll commits, 483802f and 707f814, appear in this release's log), deliberately obscuring the exact change to limit the window for adversary reverse engineering.
Because Chrome auto-updates, most consumer users will receive this patch without manual intervention. Users and administrators can verify they are protected by confirming their Chrome version is 147.0.7727.101 or later via chrome://settings/help. Chromium-based browsers (e.g., Microsoft Edge, Brave, Opera) that consume the upstream Chromium codebase will need to integrate these fixes from the 7727 branch independently.
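As an added example (not part of this advisory or of Google's tooling), a small Python check that parses Chrome version strings into numeric tuples and flags inventory entries that predate the fixed 147.0.7727.101 build; the hostnames and the non-fixed version numbers in the sample inventory are constructed. Numeric comparison matters here: comparing the strings lexically would rank 147.0.7727.99 above 147.0.7727.101.

```python
# Added example (not from the advisory or Google): flag Chrome installs older than the fix.
from typing import NamedTuple

# Lowest fixed build per platform (April 15, 2026 Stable update). Windows and macOS
# shipped as 147.0.7727.101/102, so .101 is the threshold on every platform.
FIXED_VERSION = {
    "linux": (147, 0, 7727, 101),
    "windows": (147, 0, 7727, 101),
    "macos": (147, 0, 7727, 101),
}

class Install(NamedTuple):
    host: str
    platform: str
    version: str

def parse_version(version: str) -> tuple[int, ...]:
    """Turn 'MAJOR.MINOR.BUILD.PATCH' into a tuple of ints for numeric comparison.

    Anything other than four numeric components is rejected, so a truncated or
    garbled inventory value fails loudly instead of silently comparing as safe.
    """
    parts = version.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised Chrome version string: {version!r}")
    return tuple(int(p) for p in parts)

def is_vulnerable(platform: str, version: str) -> bool:
    """True when the install predates the fixed build for its platform."""
    return parse_version(version) < FIXED_VERSION[platform.lower()]

def find_vulnerable(inventory: list[Install]) -> list[str]:
    """Hostnames that still need the 147.0.7727.101 update."""
    return [i.host for i in inventory if is_vulnerable(i.platform, i.version)]

# Constructed sample inventory (hostnames and the non-fixed versions are made up).
SAMPLE_INVENTORY = [
    Install("ws-01", "windows", "147.0.7727.100"),  # one patch level short
    Install("ws-02", "windows", "147.0.7727.102"),  # patched (.102 build)
    Install("lx-01", "linux", "147.0.7727.101"),    # patched
    Install("mac-01", "macos", "146.0.7680.200"),   # earlier milestone, vulnerable
    Install("mac-02", "macos", "148.0.7800.10"),    # later milestone, patched
]

if __name__ == "__main__":
    for host in find_vulnerable(SAMPLE_INVENTORY):
        print(f"{host}: update required for CVE-2026-6297")
```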
Organizations should prioritize patching for devices that frequently connect to untrusted or public networks, given that the attack vector requires a privileged network position. No vendor workarounds or alternative mitigations have been published; patching remains the only confirmed remediation.
Affected Systems and Versions
The following versions and configurations are affected:
- Google Chrome for Linux: All versions prior to 147.0.7727.101
- Google Chrome for Windows: All versions prior to 147.0.7727.101/102
- Google Chrome for macOS: All versions prior to 147.0.7727.101/102
- Chromium-based browsers (Microsoft Edge, Brave, Opera, and others): Any builds that have not yet integrated the fix from the branch-heads/7727 branch are potentially vulnerable
The vulnerability is exploitable when a user on an affected version visits a crafted HTML page while an attacker occupies a privileged network position.
Vendor Security History
The April 15, 2026 release containing the fix for CVE-2026-6297 included 31 security fixes total, with five rated Critical. This density of critical memory safety bugs in a single release is notable. Google's Vulnerability Rewards Program continues to be a key driver of external security research on Chrome. For this specific vulnerability, Google awarded $10,000 to the researcher "heapracer" who reported the issue on March 17, 2026. For comparison, CVE-2026-6296 (a heap buffer overflow in ANGLE reported in the same release cycle) earned a $90,000 bounty, one of the larger Chrome VRP payouts we have seen.
Google employs a SecurityEmbargo hotlist to restrict transparency on highly sensitive bugs indefinitely, ensuring that embedders and users have time to patch before technical details become public. This practice is reflected in the restricted status of issue 493628982.