CVE-2020-15960 – This vulnerability is a heap buffer overflow in... (How to Fix)

Q: What is the severity of CVE-2020-15960?

CVE-2020-15960 has a CVSS score of 8.8 (HIGH). This vulnerability is a heap buffer overflow in Google Chrome's storage component that allows remote attackers to potentially perform out-of-bounds memory access via a crafted HTML page. It affects all users running Chrome versions prior to 85.0.4183.121. Successful exploitation could lead to arbitrary code execution or browser crashes.

📋 TL;DR

This vulnerability is a heap buffer overflow in Google Chrome's storage component that allows remote attackers to potentially perform out-of-bounds memory access via a crafted HTML page. It affects all users running Chrome versions prior to 85.0.4183.121. Successful exploitation could lead to arbitrary code execution or browser crashes.

💻 Affected Systems

Products:

Google Chrome

Versions: All versions prior to 85.0.4183.121

Operating Systems: Windows, macOS, Linux, Chrome OS

Default Config Vulnerable: ⚠️ Yes

Notes: All Chrome installations with default settings are vulnerable. Chromium-based browsers may also be affected.

📦 What is this software?

Backports Sle by Opensuse

View all CVEs affecting Backports Sle →

Backports Sle by Opensuse

View all CVEs affecting Backports Sle →

Chrome by Google

Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...

Learn more about Chrome →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with the same privileges as the Chrome process, potentially leading to full system compromise if Chrome is running with elevated privileges.

🟠

Likely Case

Browser crash (denial of service) or limited memory corruption leading to information disclosure.

🟢

If Mitigated

No impact if Chrome is fully patched or if exploit attempts are blocked by security controls.

🌐 Internet-Facing: HIGH - Attackers can exploit via malicious websites without user interaction beyond visiting the site.

🏢 Internal Only: MEDIUM - Requires user to visit malicious internal pages or compromised internal sites.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires crafting malicious HTML pages, but no public proof-of-concept has been released.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 85.0.4183.121 and later

Vendor Advisory: https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html

Restart Required: Yes

Instructions:

1. Open Chrome and click the three-dot menu. 2. Go to Help > About Google Chrome. 3. Chrome will automatically check for updates and install version 85.0.4183.121 or later. 4. Click 'Relaunch' to restart Chrome with the update.

🔧 Temporary Workarounds

Disable JavaScript

all

Prevents execution of malicious JavaScript that could trigger the vulnerability

chrome://settings/content/javascript

Use Site Isolation

all

Enables site isolation to limit impact of memory corruption

chrome://flags/#enable-site-per-process

🧯 If You Can't Patch

Use alternative browsers until Chrome can be updated
Implement web filtering to block known malicious sites

🔍 How to Verify

Check if Vulnerable:

Check Chrome version: If version is less than 85.0.4183.121, system is vulnerable.

Check Version:

chrome://version/ or 'google-chrome --version' on Linux

Verify Fix Applied:

Verify Chrome version is 85.0.4183.121 or higher after update.

📡 Detection & Monitoring

Log Indicators:

Chrome crash reports
Memory access violation errors in system logs

Network Indicators:

Requests to known malicious domains hosting exploit code

SIEM Query:

source="chrome" AND (event="crash" OR event="memory_violation")

📊 Metadata

CVE ID: CVE-2020-15960

CVSS v3 Score: 8.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-787

Published: September 21, 2020

Last Updated: November 21, 2024

🔗 References

http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00087.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00095.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00096.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00049.html Mailing List,Third Party Advisory
https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html Release Notes,Vendor Advisory
https://crbug.com/1100136 Exploit,Issue Tracking,Patch,Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FN7HZIGAOCZKBT4LV363BCPRA5FLY25I/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNIYFJST4TFJYFZ27VODBOINCLBGULTD/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWNBJFBPKYCYSZTS54FHNCRZG6KC2AIJ/
https://security.gentoo.org/glsa/202009-13 Third Party Advisory
https://security.gentoo.org/glsa/202101-30 Third Party Advisory
https://www.debian.org/security/2021/dsa-4824 Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00087.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00095.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00096.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00049.html Mailing List,Third Party Advisory
https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html Release Notes,Vendor Advisory
https://crbug.com/1100136 Exploit,Issue Tracking,Patch,Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FN7HZIGAOCZKBT4LV363BCPRA5FLY25I/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNIYFJST4TFJYFZ27VODBOINCLBGULTD/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWNBJFBPKYCYSZTS54FHNCRZG6KC2AIJ/
https://security.gentoo.org/glsa/202009-13 Third Party Advisory
https://security.gentoo.org/glsa/202101-30 Third Party Advisory
https://www.debian.org/security/2021/dsa-4824 Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-15960, you might also want to check these:

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Backports Sle by Opensuse

Backports Sle by Opensuse

Chrome by Google

Debian Linux by Debian

Fedora by Fedoraproject

Fedora by Fedoraproject

Fedora by Fedoraproject

Leap by Opensuse

Leap by Opensuse

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Disable JavaScript

Use Site Isolation

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities