CVE-2021-30516
📋 TL;DR
This CVE describes a heap buffer overflow vulnerability in Google Chrome's History component that allows a remote attacker who has already compromised the renderer process to potentially exploit heap corruption. Attackers could execute arbitrary code or cause denial of service via a crafted HTML page. All Chrome users prior to version 90.0.4430.212 are affected.
💻 Affected Systems
- Google Chrome
- Chromium-based browsers
📦 What is this software?
Chrome by Google
Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...
Learn more about Chrome →Fedora by Fedoraproject
Fedora by Fedoraproject
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to full system compromise, data theft, or ransomware deployment
Likely Case
Arbitrary code execution within the Chrome sandbox, potentially leading to privilege escalation or lateral movement
If Mitigated
Limited impact due to Chrome's sandboxing, potentially causing browser crashes or denial of service
🎯 Exploit Status
Exploitation requires chaining with another vulnerability to compromise the renderer process first. The heap overflow itself could be weaponized once initial access is achieved.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 90.0.4430.212 and later
Vendor Advisory: https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop.html
Restart Required: Yes
Instructions:
1. Open Chrome and click the three-dot menu
2. Go to Help > About Google Chrome
3. Chrome will automatically check for updates and install version 90.0.4430.212 or later
4. Click 'Relaunch' to restart Chrome with the fix
🔧 Temporary Workarounds
Disable JavaScript
allPrevents execution of malicious JavaScript that could trigger the vulnerability
chrome://settings/content/javascript
Use Site Isolation
allEnhances Chrome's sandboxing to limit impact of renderer compromises
chrome://flags/#enable-site-per-process (enable)
🧯 If You Can't Patch
- Restrict browser usage to trusted websites only
- Implement application whitelisting to prevent unauthorized Chrome execution
🔍 How to Verify
Check if Vulnerable:
Check Chrome version in Help > About Google Chrome. If version is below 90.0.4430.212, system is vulnerable.Check Version:
google-chrome --version (Linux) or "C:\Program Files\Google\Chrome\Application\chrome.exe" --version (Windows)Verify Fix Applied:
Confirm Chrome version is 90.0.4430.212 or higher in Help > About Google Chrome.📡 Detection & Monitoring
Log Indicators:
- Chrome crash reports with memory corruption errors
- Unexpected Chrome process termination
- Suspicious history API calls
Network Indicators:
- Requests to known malicious domains hosting exploit code
- Unusual outbound connections from Chrome processes
SIEM Query:
source="chrome_logs" AND (event="crash" OR event="memory_corruption") AND version<"90.0.4430.212"🔗 References
- https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop.html
- https://crbug.com/1201446
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/
- https://security.gentoo.org/glsa/202107-06
- https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop.html
- https://crbug.com/1201446
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/
- https://security.gentoo.org/glsa/202107-06
