On Tuesday, Google released the Chrome 90 stable channel update (90.0.4430.93) for Windows, Mac, and Linux, addressing a V8 vulnerability along with eight other vulnerabilities.
High-Severity Chrome 90 RCE vulnerability:
Tracked as CVE-2021-21227, the vulnerability is classified as a high-severity V8 bug that could give a malicious actor remote code execution (RCE) in a user’s browser.
According to Google, the vulnerability stems from insufficient data validation in V8; the company has refrained from providing additional details.
Regarding the threat posed by the critical V8 vulnerability, Gengming Liu has noted that it does not allow a malicious actor to escape the sandbox in which Chrome 90 operates.
This means that the attackers won’t be able to reach other programs, data, and applications on the targeted device or endpoint using Chrome 90.
As a result, the V8 vulnerability would need to be chained with another vulnerability to successfully compromise the target’s machine beyond the browser itself.
The researcher also stated that the discovery is associated with prior, now-patched V8 vulnerabilities (CVE-2020-16040 and CVE-2020-15965). The former allows a remote attacker to exploit heap corruption if a user visits, or is redirected to, a specially crafted web page.
Other Chrome patch updates:
Listed below are the tracking IDs and details of the vulnerabilities patched by Google in the Chrome 90 update:
- CVE-2021-21227: Insufficient-data-validation vulnerability that exists in the V8 component.
- CVE-2021-21228: Insufficient-policy-enforcement vulnerability that exists in extensions.
- CVE-2021-21229: Incorrect-security-UI vulnerability that exists in downloads.
- CVE-2021-21230: Type-confusion vulnerability that exists in the V8 component.
- CVE-2021-21231: Insufficient-data-validation vulnerability that exists in the V8 component.
- CVE-2021-21232: Use-after-free vulnerability that exists in the Dev Tools component.
- CVE-2021-21233: Heap-buffer-overflow vulnerability that exists in the ANGLE component.
The Chrome 90 updates will roll out over the coming days and weeks.