CVE-2021-30528

8.8 HIGH

📋 TL;DR

This is a use-after-free vulnerability in Chrome's WebAuthentication API on Android that allows heap corruption. An attacker who has already compromised the renderer process can exploit it via a crafted HTML page to potentially execute arbitrary code. It only affects Android users who have saved credit cards in their Google account and run Chrome versions before 91.0.4472.77.

💻 Affected Systems

Products:
  • Google Chrome
Versions: All versions prior to 91.0.4472.77
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects users who have saved credit card information in their Google account. Desktop Chrome and other platforms are not affected.

📦 What is this software?

Chrome by Google

Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full sandbox escape leading to arbitrary code execution with renderer process privileges, potentially compromising the entire device.

🟠 Likely Case

Limited impact due to the specific requirement of renderer process compromise and saved credit card data, but could lead to data theft or further privilege escalation.

🟢 If Mitigated

Minimal impact if Chrome is updated, sandboxing works properly, and users don't have saved payment information.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires renderer process compromise first, then exploitation via crafted HTML page. Proof-of-concept details available in security publications.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 91.0.4472.77

Vendor Advisory: https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html

Restart Required: Yes

Instructions:

1. Open Google Play Store
2. Search for Chrome
3. Tap Update if available
4. Alternatively, enable auto-updates in Play Store settings
5. Restart Chrome after update

🔧 Temporary Workarounds

Disable saved payment methods

android

Remove saved credit cards from Google account to eliminate attack vector

Open Chrome settings > Payment methods > Remove saved cards

Use alternative browser

android

Temporarily switch to a different browser until Chrome is updated

🧯 If You Can't Patch

  • Implement network filtering to block malicious HTML pages
  • Use application control to restrict Chrome usage to trusted sites only

🔍 How to Verify

Check if Vulnerable:

Check the Chrome version in Settings > About Chrome. If the version is below 91.0.4472.77, the system is vulnerable.

Check Version:

chrome://version/ in Chrome address bar

Verify Fix Applied:

Confirm Chrome version is 91.0.4472.77 or higher in Settings > About Chrome.
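
The same check can be scripted for a fleet of test or managed devices. The following is an added example, not part of the original advisory: it parses `dumpsys package` output and compares the version numerically against the fixed release. The package name `com.android.chrome`, the use of `adb`, and the sample inputs are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: classify an Android Chrome build against the fixed release.
FIXED="91.0.4472.77"   # patch version stated on this page

# Print the first versionName= value found in `dumpsys package` output (stdin).
chrome_version() {
    sed -n 's/^[[:space:]]*versionName=\([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Succeed when dotted version $1 is numerically lower than $2.
# Components are compared as integers: a string compare would rank
# 100.0.4896.127 below 91.0.4472.77.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            xi = (i <= na) ? x[i] + 0 : 0
            yi = (i <= nb) ? y[i] + 0 : 0
            if (xi < yi) exit 0
            if (xi > yi) exit 1
        }
        exit 1   # equal versions are not "lower"
    }'
}

# Read dumpsys output on stdin; print "vulnerable <v>", "patched <v>" or "unknown".
classify() {
    v=$(chrome_version)
    if [ -z "$v" ]; then
        echo "unknown"
    elif version_lt "$v" "$FIXED"; then
        echo "vulnerable $v"
    else
        echo "patched $v"
    fi
}

# Constructed sample inputs (not captured from real devices).
SAMPLE_OLD='Package [com.android.chrome] (constructed):
    versionCode=443021000 minSdk=24 targetSdk=30
    versionName=90.0.4430.210'
SAMPLE_NEW='Package [com.android.chrome] (constructed):
    versionName=100.0.4896.127'

# On a connected device (assumes adb is installed and authorized):
#   adb shell dumpsys package com.android.chrome | classify
printf '%s\n' "$SAMPLE_OLD" | classify
printf '%s\n' "$SAMPLE_NEW" | classify
```

An "unknown" result means no version string was found in the input and should be treated as unverified rather than patched.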

📡 Detection & Monitoring

Log Indicators:

  • Chrome crash reports with WebAuthentication-related stack traces
  • Unexpected renderer process terminations

Network Indicators:

  • Unusual HTML page loads triggering WebAuthentication API calls
  • Suspicious iframe or script loads

SIEM Query:

source="chrome_crash_reports" AND (process="renderer" OR module="WebAuthentication")
