CVE-2021-36773
📋 TL;DR
A malicious website can trigger unbounded recursion in the filter-rule processing of the uBlock Origin and uMatrix browser extensions, causing a denial of service: memory is exhausted and the extension's blocking functionality stops working. Users running affected versions are exposed simply by visiting such a site.
💻 Affected Systems
- uBlock Origin
- uMatrix
📦 What is this software?
uBlock Origin, a content blocker by Raymond Hill (gorhill/uBlock on GitHub)
uMatrix, a matrix-based request filter by the same author (gorhill/uMatrix on GitHub)
⚠️ Risk & Real-World Impact
Worst Case
The browser tab crashes or the whole browser becomes unstable because of memory exhaustion, and with content filtering disabled, malicious content that the extension would normally block is allowed through.
Likely Case
The browser tab becomes unresponsive and has to be closed; ad and tracker blocking is lost until the browser is restarted.
If Mitigated
No impact on patched versions, or when the malicious site is blocked before it loads by other controls (for example a DNS or proxy blocklist).
🎯 Exploit Status
Exploitation requires only that the victim load a malicious website serving the crafted filter rules; no further user interaction is needed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: uBlock Origin 1.36.2+, uMatrix 4.4.9+
Vendor Advisory: https://github.com/gorhill/uBlock/releases/tag/1.36.2
Restart Required: No
Instructions:
1. Open the browser's extensions page.
2. Check for updates for uBlock Origin / uMatrix.
3. Update to the latest version.
4. Reload open browser tabs if needed.
🔧 Temporary Workarounds
- Disable strict blocking: temporarily turn off strict blocking mode in the extension settings.
- Use an alternative ad blocker: temporarily switch to a different ad-blocking extension.
🧯 If You Can't Patch
- Disable the affected extensions until patched
- Use browser's built-in tracking protection as temporary alternative
🔍 How to Verify
Check if Vulnerable:
Check the extension version on the browser's extensions page; you are vulnerable if uBlock Origin is older than 1.36.2 or uMatrix is older than 4.4.9.
Check Version:
Browser-specific: chrome://extensions/ (Chromium-based browsers) or about:addons (Firefox)
Verify Fix Applied:
Confirm the installed version is uBlock Origin ≥ 1.36.2 or uMatrix ≥ 4.4.9.
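For more than a handful of machines, a manual look at the extensions page does not scale. The script below is an added example for this page, not code from uBlock Origin, uMatrix or the advisory author: it walks a Chromium-style profile directory (assumed layout `<profile>/Extensions/<extension-id>/<version>/manifest.json`), reads each `manifest.json` and reports installs older than the fixed versions this page states. The uBlock Origin Web Store ID in `KNOWN_IDS` is from memory and is an assumption to verify; the `demo()` profile and its manifests are constructed sample input.

```python
"""Version-inventory check for CVE-2021-36773 (added example, not project code).

Walks a Chromium-style profile directory, reads every manifest.json and flags
uBlock Origin / uMatrix installs below the fixed versions stated on this page.
Layout assumed: <profile>/Extensions/<extension-id>/<version>/manifest.json
"""
import json
import tempfile
from pathlib import Path
from typing import Dict, List, Optional, Tuple

# Fixed versions exactly as this advisory states them.
FIXED_VERSIONS: Dict[str, Tuple[int, ...]] = {
    "ublock origin": (1, 36, 2),
    "umatrix": (4, 4, 9),
}

# Chrome Web Store ID for uBlock Origin, from memory (assumption; verify for your
# fleet). Used when a manifest carries a localised "__MSG_..." name placeholder.
KNOWN_IDS: Dict[str, str] = {
    "cjpalhdlnbpafiamejdnhcphjbkeiagm": "uBlock Origin",
}


def parse_version(text: str) -> Tuple[int, ...]:
    """'1.36.2' -> (1, 36, 2). Only the leading digits of each component count,
    so '1.36.3b2' parses as (1, 36, 3); an empty or non-numeric component is 0."""
    parts: List[int] = []
    for piece in text.strip().split("."):
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def is_vulnerable(name: str, version: str) -> Optional[bool]:
    """True if `version` is below the fixed release for `name`, False if at or
    above it, None if the extension is not one of the affected products."""
    fixed = FIXED_VERSIONS.get(name.strip().lower())
    if fixed is None:
        return None
    installed = parse_version(version)
    width = max(len(fixed), len(installed))

    def pad(v: Tuple[int, ...]) -> Tuple[int, ...]:
        return v + (0,) * (width - len(v))  # so (1, 36) compares as (1, 36, 0)

    return pad(installed) < pad(fixed)


def scan_extensions(profile_root: Path) -> List[Dict[str, object]]:
    """Find every manifest.json under the profile and classify affected extensions."""
    findings: List[Dict[str, object]] = []
    for manifest in sorted(profile_root.rglob("manifest.json")):
        try:
            data = json.loads(manifest.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            continue  # unreadable or not JSON: skip rather than abort the sweep
        name = str(data.get("name", ""))
        if name.startswith("__MSG_"):
            # Localised name: the extension id is the directory two levels up.
            name = KNOWN_IDS.get(manifest.parent.parent.name, name)
        version = str(data.get("version", ""))
        status = is_vulnerable(name, version)
        if status is None:
            continue
        findings.append({"name": name, "version": version,
                         "vulnerable": status, "path": str(manifest)})
    return findings


def demo() -> List[Dict[str, object]]:
    """Build a constructed sample profile with three manifests and scan it."""
    root = Path(tempfile.mkdtemp(prefix="cve-2021-36773-"))
    samples = [  # (extension id, version dir, manifest) -- all constructed
        ("cjpalhdlnbpafiamejdnhcphjbkeiagm", "1.35.0_0",
         {"name": "__MSG_extName__", "version": "1.35.0"}),
        ("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "1.36.2_0",
         {"name": "uBlock Origin", "version": "1.36.2"}),
        ("bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb", "2.0_0",
         {"name": "Some Other Extension", "version": "2.0"}),
    ]
    for ext_id, vdir, manifest in samples:
        d = root / "Extensions" / ext_id / vdir
        d.mkdir(parents=True)
        (d / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")
    return scan_extensions(root)


if __name__ == "__main__":
    for f in demo():
        flag = "VULNERABLE" if f["vulnerable"] else "ok"
        print(f"{flag:10} {f['name']} {f['version']}  {f['path']}")
```

Point `scan_extensions()` at a real profile directory (for Chrome on Linux, the `Default` directory under the user data dir) to run it against live installs. Firefox stores extensions as `.xpi` archives rather than unpacked directories, so the same `is_vulnerable()` check applies there but the manifest has to be read out of the archive.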
📡 Detection & Monitoring
Log Indicators:
- Browser crash reports showing out-of-memory tab or renderer crashes, clustered around visits to the same site
- Extension error output (browser console or extension background-page console) reporting excessive recursion depth or call-stack exhaustion; note that extensions do not write to the operating system's event log, so this is only visible where browser telemetry is collected
Network Indicators:
- Filter-list fetches from hosts that are not your approved list sources, or unusually large or deeply nested rule sets
SIEM Query:
Where browser or endpoint telemetry is collected: browser process (chrome, chromium, firefox) crash or error events whose message mentions 'ublock' or 'umatrix' together with memory exhaustion or recursion. The most reliable signal remains an inventory of installed extension versions (uBlock Origin < 1.36.2, uMatrix < 4.4.9).
🔗 References
- https://github.com/vtriolet/writings/blob/main/posts/2021/ublock_origin_and_umatrix_denial_of_service.adoc
- https://lists.debian.org/debian-lts-announce/2022/06/msg00024.html
- https://news.ycombinator.com/item?id=27833752