CVE-2021-30606 — Use After Free in Chromium

CWE-416 — Use After Free4 documents4 sources

Severity

8.8HIGH

No vector

EPSS

0.8%

top 25.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Chromium Google Chrome Chrome Msrc Microsoft Edge

Timeline

PublishedSep 14

Latest updateMay 24

Description

Chromium: CVE-2021-30606 Use after free in Blink Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? | Microsoft Edge Version | Date Released | Based on Chromium Version | | ----- | ----- | ----- | | 93.0.961.38 | 9/2/2021 | 93.0.4577.63 | FAQ: Why is this Chrome CVE included in the Security Update Guide?…

Affected Packages3 packages

▶msrcmsrc/microsoft_edge

▶debiandebian/chromium< chromium 93.0.4577.82-1 (bookworm)

▶googlegoogle/chrome_chrome

🔴Vulnerability Details

GHSA

GHSA-gppg-373r-fpj5: Use after free in Blink in Google Chrome prior to 93↗2022-05-24

▶

📋Vendor Advisories

Microsoft

Chromium: CVE-2021-30606 Use after free in Blink↗2021-09-14

▶

Chrome

Stable Channel Update for Desktop: CVE-2021-30606↗2021-08-31

▶

Debian

CVE-2021-30606: chromium - Chromium: CVE-2021-30606 Use after free in Blink↗2021

▶