CVE-2021-4055

8.8 HIGH

📋 TL;DR

This vulnerability is a heap buffer overflow in the extensions component of Google Chrome that allows an attacker to potentially exploit heap corruption. It affects users who install a malicious extension in Chrome versions prior to 96.0.4664.93 and can lead to arbitrary code execution in the browser process.

💻 Affected Systems

Products:
  • Google Chrome
  • Chromium-based browsers
Versions: All versions prior to 96.0.4664.93
Operating Systems: Windows, Linux, macOS, Chrome OS
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability requires user to install a malicious extension; default Chrome installation without malicious extensions is not vulnerable.

📦 What is this software?

Chrome by Google

Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise via arbitrary code execution with user privileges, potentially leading to data theft, ransomware deployment, or lateral movement.

🟠 Likely Case

Malicious extension gains elevated privileges to steal sensitive data, install additional malware, or manipulate browser behavior.

🟢 If Mitigated

Limited impact if extensions are restricted to trusted sources only and Chrome is kept updated.

🌐 Internet-Facing: HIGH - Attackers can host malicious extensions on websites and trick users into installing them.
🏢 Internal Only: MEDIUM - Risk exists if users install extensions from untrusted internal sources or external attackers gain internal access.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to install a malicious extension; no public exploit code is known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 96.0.4664.93 and later

Vendor Advisory: https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html

Restart Required: Yes

Instructions:

1. Open Chrome and click the three-dot menu.
2. Go to Help > About Google Chrome.
3. Chrome will automatically check for updates and install version 96.0.4664.93 or later.
4. Click 'Relaunch' to restart Chrome with the update.

🔧 Temporary Workarounds

Restrict Extension Installation

Configure Chrome to only allow extensions from the Chrome Web Store or disable extension installation entirely.

Navigate to chrome://extensions/, enable 'Developer mode', and restrict installation sources via Group Policy or registry settings.

Remove Suspicious Extensions

Review and remove any extensions that are not from trusted sources or that you don't recognize.

Navigate to chrome://extensions/ and remove any suspicious extensions by clicking 'Remove'.

🧯 If You Can't Patch

  • Implement strict extension whitelisting policies to only allow approved extensions from trusted sources.
  • Use application control solutions to block execution of older Chrome versions and enforce browser security policies.

🔍 How to Verify

Check if Vulnerable:

Navigate to chrome://version/; the installation is vulnerable if the version shown is below 96.0.4664.93.

Check Version:

On Windows, Linux, and macOS: open Chrome and go to chrome://version/.

Verify Fix Applied:

Confirm Chrome version is 96.0.4664.93 or higher via chrome://version/.
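A scripted form of the version check above, added here as an example and not part of this advisory: it parses the dotted build number numerically (so a 100.x build sorts above 96.x, which a plain string comparison gets wrong) and, on Linux/macOS, reads the installed version from the browser binary's `--version` output. The executable names searched for and the sample version strings are assumptions.

```python
"""Check whether an installed Chrome build is below the CVE-2021-4055 fix version.

Added example, not part of the advisory. Assumes the version text comes from
`google-chrome --version` (Linux/macOS) or is copied from chrome://version/.
"""
import re
import shutil
import subprocess
from typing import Optional, Tuple

FIXED_VERSION = "96.0.4664.93"  # fix version named in the vendor advisory


def parse_version(text: str) -> Tuple[int, ...]:
    """Extract a dotted version from text such as 'Google Chrome 96.0.4664.45'
    and return it as a tuple of ints so comparison is numeric, not lexical
    ('100.0.4896.60' must sort above '96.0.4664.93')."""
    m = re.search(r"(\d+(?:\.\d+){1,3})", text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts + (0,) * (4 - len(parts))  # pad short strings such as '96.0'


def is_vulnerable(version_text: str) -> bool:
    """True when the build predates the fix version."""
    return parse_version(version_text) < parse_version(FIXED_VERSION)


def installed_chrome_version() -> Optional[str]:
    """Ask the local binary for its version (executable names are assumptions)."""
    for exe in ("google-chrome", "google-chrome-stable", "chromium", "chromium-browser"):
        path = shutil.which(exe)
        if path:
            out = subprocess.run([path, "--version"], capture_output=True, text=True, timeout=10)
            return out.stdout.strip()
    return None


if __name__ == "__main__":
    v = installed_chrome_version()
    if v is None:
        print("Chrome binary not found on PATH; check chrome://version/ manually")
    elif is_vulnerable(v):
        print(f"{v}: VULNERABLE, update to {FIXED_VERSION} or later")
    else:
        print(f"{v}: patched")
```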

📡 Detection & Monitoring

Log Indicators:

  • Unusual extension installation events in Chrome logs
  • Crash reports from Chrome with heap corruption signatures

Network Indicators:

  • Downloads of Chrome extension files (.crx) from untrusted sources
  • Connections to known malicious extension repositories

SIEM Query:

source="chrome_logs" AND (event="extension_install" AND source_url NOT CONTAINS "chrome.google.com/webstore")
