⚠ Actively exploited
Added to CISA KEV on 2021-11-03. Federal agencies required to patch by 2022-05-03. Required action: Apply updates per vendor instructions..

CVE-2020-16010Out-of-bounds Write in Google Chrome

CWE-787Out-of-bounds WriteCWE-122Heap-based Buffer Overflow14 documents9 sources
Severity
9.6CRITICALNVD
VulnCheck8.8
EPSS
19.6%
top 4.57%
CISA KEV
KEV
Added 2021-11-03
Due 2022-05-03
Exploit
Exploited in wild
Active exploitation observed
Affected products
3
Google ChromeDebian ChromiumGoogle Chrome Chrome
Timeline
PublishedNov 3
KEV addedNov 3
KEV dueMay 3
Latest updateMay 24
CISA Required Action: Apply updates per vendor instructions.

Description

Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:HExploitability: 2.8 | Impact: 6.0

Affected Packages4 packages

CVEListV5google/chromeunspecified86.0.4240.185
NVDgoogle/chrome< 86.0.4240.185

🔴Vulnerability Details

7
GHSA
GHSA-x9cj-gxph-5cgf: Heap buffer overflow in UI in Google Chrome on Android prior to 862022-05-24
Project0
In-the-Wild Series: October 2020 0-day discovery - Project Zero2021-03-01
VulnCheck
Google Chrome for Android UI Heap Buffer Overflow Vulnerability2020
VulnCheck
Google Chrome FreeType Heap Buffer Overflow Vulnerability2020
Project0
Project Zero RCA: CVE-2020-16010: Chrome for Android ConvertToJavaBitmap Heap Buffer Overflow

📋Vendor Advisories

4
CISA
Google Chrome for Android UI Heap Buffer Overflow Vulnerability2021-11-03
CISA
Google Chrome FreeType Heap Buffer Overflow Vulnerability2021-11-03
Chrome
Chrome for Android Update: CVE-2020-160102020-11-02
Debian
CVE-2020-16010: chromium - Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 al...2020

🕵️Threat Intelligence

2
Qualys
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR | Qualys2022-02-23
Tenable
CVE-2020-15999, CVE-2020-17087: Google Chrome FreeType and Microsoft Windows Kernel Zero Days Exploited in the Wild2020-11-02