CVE-2021-30604
📋 TL;DR
This is a use-after-free vulnerability in ANGLE (Almost Native Graphics Layer Engine) component of Google Chrome that allows heap corruption. Attackers can exploit it by tricking users into visiting a malicious HTML page, potentially leading to arbitrary code execution. All Chrome users prior to version 92.0.4515.159 are affected.
💻 Affected Systems
- Google Chrome
- Chromium-based browsers
📦 What is this software?
Chrome by Google
Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...
Learn more about Chrome →Fedora by Fedoraproject
Fedora by Fedoraproject
Fedora by Fedoraproject
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution with the same privileges as the Chrome process, potentially leading to full system compromise, data theft, or ransomware deployment.
Likely Case
Browser crash (denial of service) or limited code execution within Chrome's sandbox, potentially enabling further exploitation chains.
If Mitigated
No impact if Chrome is fully patched or if exploit attempts are blocked by security controls.
🎯 Exploit Status
Exploitation requires user interaction (visiting malicious page) but no authentication. Use-after-free vulnerabilities typically require careful memory manipulation.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 92.0.4515.159 and later
Vendor Advisory: https://chromereleases.googleblog.com/2021/08/stable-channel-update-for-desktop.html
Restart Required: Yes
Instructions:
1. Open Chrome. 2. Click the three-dot menu → Help → About Google Chrome. 3. Chrome will automatically check for and apply updates. 4. Click 'Relaunch' when prompted.
🔧 Temporary Workarounds
Disable ANGLE graphics backend
allDisables the vulnerable ANGLE component by forcing Chrome to use alternative graphics backends
chrome --use-gl=desktop
chrome --use-gl=osmesa
Disable WebGL
allPrevents exploitation by disabling WebGL functionality that uses ANGLE
chrome --disable-webgl
🧯 If You Can't Patch
- Use browser isolation technology to render web content in isolated containers
- Implement strict web filtering to block known malicious sites and untrusted content
🔍 How to Verify
Check if Vulnerable:
Check Chrome version: if below 92.0.4515.159, system is vulnerableCheck Version:
google-chrome --version (Linux) or chrome://version (all platforms)Verify Fix Applied:
Confirm Chrome version is 92.0.4515.159 or higher📡 Detection & Monitoring
Log Indicators:
- Chrome crash reports with ANGLE-related stack traces
- Unexpected Chrome process termination
Network Indicators:
- Requests to known malicious domains hosting exploit code
- Unusual outbound connections after visiting suspicious sites
SIEM Query:
source="chrome" AND (event="crash" OR event="process_termination") AND message="*ANGLE*"🔗 References
- https://chromereleases.googleblog.com/2021/08/stable-channel-update-for-desktop.html
- https://crbug.com/1234829
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LVY4WIWTVVYKQMROJJS365TZBKEARCF/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPJPUSAWIJMQFBQQQYXAICLI4EKFQOH6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QW4R2K5HVJ4R6XDZYOJCCFPIN2XHNS3L/
- https://chromereleases.googleblog.com/2021/08/stable-channel-update-for-desktop.html
- https://crbug.com/1234829
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LVY4WIWTVVYKQMROJJS365TZBKEARCF/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPJPUSAWIJMQFBQQQYXAICLI4EKFQOH6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QW4R2K5HVJ4R6XDZYOJCCFPIN2XHNS3L/
