CVE-2021-30542
📋 TL;DR
This is a use-after-free vulnerability in Google Chrome's Tab Strip component that allows heap corruption. Attackers can exploit it by convincing users to install a malicious extension and then visit a crafted HTML page. All Chrome users prior to version 91.0.4472.77 are affected.
💻 Affected Systems
- Google Chrome
📦 What is this software?
Chrome by Google
Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...
Learn more about Chrome →Fedora by Fedoraproject
Fedora by Fedoraproject
Fedora by Fedoraproject
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to full system compromise, data theft, or ransomware deployment.
Likely Case
Browser crash, memory corruption, or limited code execution within the browser sandbox.
If Mitigated
No impact if Chrome is updated to patched version or malicious extensions are blocked.
🎯 Exploit Status
Requires social engineering to install malicious extension plus crafted HTML page. Heap corruption exploitation requires additional steps.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 91.0.4472.77
Vendor Advisory: https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html
Restart Required: Yes
Instructions:
1. Open Chrome. 2. Click three-dot menu → Help → About Google Chrome. 3. Chrome will automatically check for and install updates. 4. Click 'Relaunch' when prompted.
🔧 Temporary Workarounds
Disable extension installation
allPrevent users from installing extensions to block the initial attack vector.
# Group Policy: ExtensionInstallBlocklist = *
# Chrome policy: ExtensionInstallBlacklist = ["*"]
Restrict extension sources
allOnly allow extensions from Chrome Web Store.
# Group Policy: ExtensionInstallSources = ["https://chrome.google.com/webstore/*"]
🧯 If You Can't Patch
- Implement application whitelisting to block unauthorized Chrome extensions.
- Use network filtering to block access to untrusted websites that could host malicious HTML.
🔍 How to Verify
Check if Vulnerable:
Check Chrome version in Settings → About Chrome. If version is below 91.0.4472.77, system is vulnerable.Check Version:
google-chrome --version (Linux) or "C:\Program Files\Google\Chrome\Application\chrome.exe" --version (Windows)Verify Fix Applied:
Confirm Chrome version is 91.0.4472.77 or higher in About Chrome page.📡 Detection & Monitoring
Log Indicators:
- Chrome crash reports with memory corruption signatures
- Unexpected extension installation events
Network Indicators:
- Downloads from untrusted extension sources
- Connections to known malicious domains hosting crafted HTML
SIEM Query:
source="chrome" AND (event="crash" OR event="extension_install")🔗 References
- https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html
- https://crbug.com/1184954
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WKQDE3PWDKASAPSUJYMOQGL73L3YQRFS/
- https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html
- https://crbug.com/1184954
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WKQDE3PWDKASAPSUJYMOQGL73L3YQRFS/
