Google Chrome Blink setBaseAndExtent use after free vulnerability [CVE-2021-30625]

December 2, 2021 Duncan 1848 Views 0 Comments CVE-2021-30625, Google, Google Chrome 0 min read

CVE number = CVE-2021-30625

A use-after-free vulnerability exists in the Selection API of Blink rendering engine in Google Chrome 92.0.4515.131 (Stable) and 94.0.4597.1 (Canary).

A specially-crafted web page can trigger reuse of previously freed memory which can lead to arbitrary code execution.

Victim would need to visit a malicious website to trigger this vulnerability.

Tested Versions

Google Chrome 92.0.4515.131 (Stable)
Google Chrome 94.0.4597.1 (Canary)

Duncan

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Google Chrome Blink setBaseAndExtent use after free vulnerability [CVE-2021-30625]

Tested Versions

Like this:

Related Posts

Duncan

Leave a ReplyCancel reply

Tested Versions

Share this:

Like this:

Related Posts

Duncan

Leave a ReplyCancel reply