Several significant vulnerabilities have been addressed in recent updates to Google Chrome and the Linux kernel. In Google Chrome prior to version 125.0.6422.141, an out-of-bounds memory access in the browser’s UI allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, particularly when the user was convinced to engage in specific UI gestures. Another vulnerability in Chrome, specifically a type confusion issue in the V8 JavaScript engine prior to version 126.0.6478.114, permitted remote attackers to execute arbitrary code through a crafted HTML page. In the Linux kernel, a vulnerability in the __dst_negative_advice() function was resolved, which previously failed to enforce proper Read-Copy-Update (RCU) rules when clearing sk->dst_cache. This oversight could lead to a Use-After-Free (UAF) scenario. The vulnerability was particularly problematic in UDP socket operations, and the fix involved ensuring that sk_dst_reset(sk) is correctly implemented across all negative advice methods. This update, which was acknowledged by Clement Lecigne, ensures the robustness and security of the network stack in the Linux kernel.