CVE-2020-6543 – This is a use-after-free vulnerability in Googl... (How to Fix)

Q: What is the severity of CVE-2020-6543?

CVE-2020-6543 has a CVSS score of 8.8 (HIGH). This is a use-after-free vulnerability in Google Chrome's task scheduling component that allows remote attackers to potentially exploit heap corruption. Attackers can trigger this by tricking users into visiting a malicious HTML page, potentially leading to arbitrary code execution. All users running vulnerable Chrome versions are affected.

📋 TL;DR

This is a use-after-free vulnerability in Google Chrome's task scheduling component that allows remote attackers to potentially exploit heap corruption. Attackers can trigger this by tricking users into visiting a malicious HTML page, potentially leading to arbitrary code execution. All users running vulnerable Chrome versions are affected.

💻 Affected Systems

Products:

Google Chrome

Versions: All versions prior to 84.0.4147.125

Operating Systems: Windows, macOS, Linux, Android, iOS

Default Config Vulnerable: ⚠️ Yes

Notes: All standard Chrome installations are vulnerable. Chrome extensions or security settings do not mitigate this vulnerability.

📦 What is this software?

Chrome by Google

Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...

Learn more about Chrome →

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with the privileges of the Chrome process, potentially leading to full system compromise if combined with privilege escalation vulnerabilities.

🟠

Likely Case

Browser crash (denial of service) or limited code execution within Chrome's sandbox, potentially allowing data theft or further exploitation.

🟢

If Mitigated

No impact if Chrome is fully patched or if exploit attempts are blocked by security controls.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires user interaction (visiting malicious page) but no authentication. The bug report suggests exploitation is feasible.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 84.0.4147.125 and later

Vendor Advisory: https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop.html

Restart Required: Yes

Instructions:

1. Open Chrome. 2. Click the three-dot menu. 3. Go to Help > About Google Chrome. 4. Chrome will automatically check for and install updates. 5. Click Relaunch to restart Chrome with the updated version.

🔧 Temporary Workarounds

Disable JavaScript

all

Prevents exploitation by disabling JavaScript execution, which is required for the crafted HTML page to trigger the vulnerability.

Use Chrome's Site Isolation

all

Enhances sandboxing to limit potential impact if exploitation occurs.

🧯 If You Can't Patch

Restrict web browsing to trusted sites only using network policies or browser extensions.
Implement application whitelisting to prevent unauthorized Chrome execution or use alternative browsers temporarily.

🔍 How to Verify

Check if Vulnerable:

Check Chrome version: If version is below 84.0.4147.125, the system is vulnerable.

Check Version:

chrome://version/ (in Chrome address bar) or 'google-chrome --version' (Linux terminal)

Verify Fix Applied:

Confirm Chrome version is 84.0.4147.125 or higher.

📡 Detection & Monitoring

Log Indicators:

Chrome crash reports
Unexpected process termination events
Security event logs showing exploit attempts

Network Indicators:

Traffic to known malicious domains hosting exploit code
Unusual HTML/JavaScript patterns in web traffic

SIEM Query:

source="chrome" AND (event_type="crash" OR message="*use-after-free*" OR message="*heap corruption*")

📊 Metadata

CVE ID: CVE-2020-6543

CVSS v3 Score: 8.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-416

Published: September 21, 2020

Last Updated: November 21, 2024

🔗 References

https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop.html Release Notes,Vendor Advisory
https://crbug.com/1104046 Permissions Required,Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EE7XWIZBME7JAY7N6CGPET4CLNHHEIVT/
https://security.gentoo.org/glsa/202101-30 Third Party Advisory
https://www.debian.org/security/2021/dsa-4824 Third Party Advisory
https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop.html Release Notes,Vendor Advisory
https://crbug.com/1104046 Permissions Required,Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EE7XWIZBME7JAY7N6CGPET4CLNHHEIVT/
https://security.gentoo.org/glsa/202101-30 Third Party Advisory
https://www.debian.org/security/2021/dsa-4824 Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-6543, you might also want to check these: