Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
https://www.trendmicro.com/en_us/research/24/l/earth-minotaur.html
https://security.gentoo.org/glsa/201706-20
https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop.html
https://access.redhat.com/errata/RHSA-2017:1399