Google Chrome V8 Bug Allows Remote Code-Execution

Apr 29, 2021


Google’s Chrome browser has several security vulnerabilities that could pave the way to multiple types of attacks, including a V8 bug that could allow remote code execution (RCE) within a user’s browser.


The high-severity V8 issue is tracked as CVE-2021-21227, and was reported by Gengming Liu from Singular Security Lab. Google describes the bug as “insufficient data validation in V8” but is keeping other details close to its vest.

However, Liu told SecurityWeek that the bug is somewhat mitigated by the fact that it doesn’t allow attackers to escape the sandbox in which Chrome runs, meaning attackers can’t reach any of the other programs, data and applications on the computer. Thus, CVE-2021-21227 would need to be chained with another vulnerability in order to successfully wreak havoc on a target’s machine beyond the browser itself.

The researcher also noted that his discovery is related to prior, now-patched V8 vulnerabilities (CVE-2020-16040 and CVE-2020-15965). The former allows a remote attacker to exploit heap corruption if a user visits, or is redirected to, a specially crafted web page. The latter is a type-confusion bug that allows a remote attacker to potentially perform out-of-bounds memory access, also exploitable with a specially crafted HTML page.

Meanwhile, according to another report, the implications of an attack using the bug depend on the privileges associated with the application: in the worst-case scenario, an attacker could view, change or delete data.

And, if someone has turned off sandboxing, all bets are off.

Google recently patched a zero-day in Chrome (for which a researcher dropped code on Twitter). That was another V8 issue that allowed RCE inside the browser app (but not sandbox escape).

Nine Chrome 90 Patches to Roll Out

Details of all nine of the Google Chrome vulnerabilities are as follows. They affect Chrome and possibly other browsers, like Microsoft Edge, that use the Chromium framework:

  • CVE-2021-21227: Insufficient-data-validation vulnerability in the V8 component.
  • CVE-2021-21228: Insufficient-policy-enforcement vulnerability in extensions.
  • CVE-2021-21229: Incorrect-security-UI vulnerability in downloads.
  • CVE-2021-21230: Type-confusion vulnerability in the V8 component.
  • CVE-2021-21231: Insufficient-data-validation vulnerability in the V8 component.
  • CVE-2021-21232: Use-after-free vulnerability in the DevTools component.
  • CVE-2021-21233: Heap-buffer-overflow vulnerability in the ANGLE component.

Google has addressed the flaws in its latest stable channel release (90.0.4430.93) for Windows, Mac and Linux, delivered on Tuesday. The Chrome 90 updates will roll out over the next days and weeks, the search giant said.
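Because the fix ships as a specific stable-channel build, the practical defender task is confirming that every managed endpoint has actually reached 90.0.4430.93 or later. The following is an added example written for this article, not code from the article or from Google; it compares a constructed, hypothetical version inventory (hostnames and CSV layout are assumptions) against the fixed version named above, treating unparseable entries as needing attention rather than silently skipping them.

```python
"""Flag hosts whose Chrome build is older than the fixed stable release.

Added example (not from the article or from Google). The inventory
format (CSV with a header of host,chrome_version) and the host names
are constructed assumptions; the fixed version is the one the article names.
"""
import csv
import io
from typing import List, Tuple

# Stable channel release that carries the nine Chrome 90 fixes (from the article)
FIXED_VERSION = "90.0.4430.93"

# Constructed sample inventory: hypothetical hosts, not real telemetry
SAMPLE_INVENTORY = """\
host,chrome_version
ws-01,90.0.4430.93
ws-02,90.0.4430.85
ws-03,89.0.4389.128
ws-04,91.0.4472.19
ws-05,not installed
"""


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn a dotted Chrome version into a tuple of ints for ordering.

    Raises ValueError on anything that is not purely numeric components,
    so that garbage never compares as "patched" by accident.
    """
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable Chrome version: {version!r}")
    return tuple(int(p) for p in parts)


def is_patched(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed build is at or beyond the fixed build."""
    return parse_version(version) >= parse_version(fixed)


def find_vulnerable(inventory_csv: str, fixed: str = FIXED_VERSION) -> List[Tuple[str, str]]:
    """Return (host, version) pairs that are below the fixed version.

    Entries whose version cannot be parsed are included too: an unknown
    state is a gap in coverage, not evidence that the host is safe.
    """
    needs_attention: List[Tuple[str, str]] = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        host = row["host"].strip()
        version = row["chrome_version"].strip()
        try:
            patched = is_patched(version, fixed)
        except ValueError:
            patched = False
        if not patched:
            needs_attention.append((host, version))
    return needs_attention


if __name__ == "__main__":
    for host, version in find_vulnerable(SAMPLE_INVENTORY):
        print(f"{host}: {version} is below {FIXED_VERSION}")
```

The tuple comparison is what makes a later major version (91.0.4472.19 in the sample) count as patched while a build on the same 90.0.4430 line but with a lower fourth component does not; a plain string comparison would get both of those cases wrong.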

Source: threatpost.com
