CVE-2021-4102
Published 2022-02-11
CVE-2021-4102: Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Priority: P1 · 82 · high · CVSS 3.1: 8.8
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
KEV · ITW
CISA Known Exploited Vulnerability · due 2021-12-29
Exploited in the wild
EPSS: 7.84% (93.9th percentile)
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chromium | chromium | >= 0 < 97.0.4692.71-0.1~deb11u1 | 97.0.4692.71-0.1~deb11u1 |
| chromium | chromium | >= 0 < 97.0.4692.71-0.1 | 97.0.4692.71-0.1 |
| chromium | chromium | >= 0 < 97.0.4692.71-0.1 | 97.0.4692.71-0.1 |
| chromium | chromium | >= 0 < 97.0.4692.71-0.1 | 97.0.4692.71-0.1 |
| debian | chromium | < chromium 97.0.4692.71-0.1 (bookworm) | chromium 97.0.4692.71-0.1 (bookworm) |
| chrome | | < 96.0.4664.110 | 96.0.4664.110 |
| chrome | | >= unspecified < 96.0.4664.110 | 96.0.4664.110 |
| chrome_chrome | | — | — |
| msrc | microsoft_edge | — | — |
Detection & IOCs
- CVE-2021-4102 is actively exploited in the wild via a crafted HTML page triggering use-after-free in V8; exploitation confirmed by Google and CISA KEV
- Vulnerability is triggered via a crafted HTML page delivered remotely, enabling heap corruption through V8 use-after-free
- Multiple Chromium-based browsers are affected (Chrome, Edge, Opera); scope detection broadly across all Chromium consumers below version 96.0.4664.110
- Exploit was reported anonymously on 2021-12-09 and no public PoC or sample hashes are available in the sources; no network-level IOCs (IPs, domains, URLs) have been published for this CVE
- CISA remediation deadline was 2021-12-29; any unpatched Chrome/Edge/Opera below Chromium 96.0.4664.110 remains in scope for this vulnerability
CVSS provenance
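| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | | 8.8 | HIGH | |
| vulncheck | | 8.8 | HIGH | |
| cisa | | 8.8 | HIGH | |
| vendor_debian | | 8.8 | HIGH | |
| vendor_msrc | | 8.8 | HIGH | |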
CISA
Google Chromium V8 Use-After-Free Vulnerability
cisa·2021-12-15·CVSS 8.8
CVE-2021-4102 [HIGH] CWE-416 Google Chromium V8 Use-After-Free Vulnerability
Vulnerability: Google Chromium V8 Use-After-Free Vulnerability
Affected: Google Chromium V8
Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-4102
Remediation Due Date: 2021-12-29
Microsoft
Chromium: CVE-2021-4102 Use after free in V8
vendor_msrc·2021-12-14·CVSS 8.8
CVE-2021-4102 [HIGH] Chromium: CVE-2021-4102 Use after free in V8
Chromium: CVE-2021-4102 Use after free in V8
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware of reports that an exploit for CVE-2021-4102 exists in the wild.
FAQ: What is the version information for this release?
| Microsoft Edge Version | Date Released | Based on Chromium Version |
|---|---|---|
| 96.0.1054.57 | 12/14/2021 | 96.0.4664.110 |
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-base
Chrome
Stable Channel Update for Desktop: CVE-2021-4101
vendor_chrome·2021-12-13·CVSS 8.8
CVE-2021-4101 [HIGH] Stable Channel Update for Desktop: CVE-2021-4101
Stable Channel Update for Desktop
- CVE-2021-4101: Heap buffer overflow in Swiftshader. Reported by Abraruddin Khan and Omair on 2021-10-21
- [$TBD][1278387] High CVE-2021-4102: Use after free in V8. Reported by Anonymous on 2021-12-09

Google is aware of reports that an exploit for CVE-2021-4102 exists in the wild.
Severity: high
Debian
CVE-2021-4102: chromium - Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote at...
vendor_debian·2021·CVSS 8.8
CVE-2021-4102 [HIGH] CVE-2021-4102: chromium - Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote at...
Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 97.0.4692.71-0.1)
bullseye: resolved (fixed in 97.0.4692.71-0.1~deb11u1)
forky: resolved (fixed in 97.0.4692.71-0.1)
sid: resolved (fixed in 97.0.4692.71-0.1)
trixie: resolved (fixed in 97.0.4692.71-0.1)
GHSA
GHSA-vjvx-2q28-pjv2: Use after free in V8 in Google Chrome prior to 96
ghsa_unreviewed·2022-02-13
CVE-2021-4102 [HIGH] CWE-416 GHSA-vjvx-2q28-pjv2: Use after free in V8 in Google Chrome prior to 96
Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
OSV
CVE-2021-4102: Use after free in V8 in Google Chrome prior to 96
osv·2022-02-11·CVSS 8.8
CVE-2021-4102 [HIGH] CVE-2021-4102: Use after free in V8 in Google Chrome prior to 96
Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
VulnCheck
Google Chromium V8 Use-After-Free Vulnerability
vulncheck·2021·CVSS 8.8
CVE-2021-4102 [HIGH] CWE-416 Google Chromium V8 Use-After-Free Vulnerability
Google Chromium V8 Use-After-Free Vulnerability
Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Affected: Google Chromium V8
Required Action: Apply updates per vendor instructions.
Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Remediation Due: 2021-12-29
Project0
Project Zero RCA: CVE-2021-4102: Chrome incorrect node elision in Turbofan leads to unexpected WriteBarrier elision
project_zero·CVSS 8.8
CVE-2021-4102 [HIGH] Project Zero RCA: CVE-2021-4102: Chrome incorrect node elision in Turbofan leads to unexpected WriteBarrier elision
# CVE-2021-4102: Chrome incorrect node elision in Turbofan leads to unexpected WriteBarrier elision
Brendon Tiszka, Chrome
## The Basics
**Disclosure or Patch Date:** December 13, 2021
**Product:** Google Chrome
**Advisory:** https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html
**Affected Versions:** pre 96.0.4664.110
**First Patched Version:** 96.0.4664.110
**Issue/Bug Report:** [crbug.com/1278387](https://crbug.com/1278387)
**Patch CL:** https://chromium-review.googlesource.com/c/v8/v8/+/3329790
**Bug-Introducing CL:** https://codereview.chromium.org/1908093002
**Reporter(s):** Anonymous
## The Code
**Proof-of-concepts:**
```javascript
let mark_sweep = () => {
  new ArrayBuffer(2**34);
}
let scavenge = () => {
  let ref = new ArrayBuffer(16777
```
No detection rules found.
No public exploits indexed.
Qualys
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR | Qualys
blogs_qualys·2022-02-23
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR | Qualys
CISA released a directive in November 2021, recommending urgent and prioritized remediation of actively exploited vulnerabilities. Both government agencies and corporations should heed this advice. This blog outlines how Qualys Vulnerability Management, Detection & Response can be used by any organization to respond to this directive efficiently and effectively.
## Situation
Last November 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a Binding Operational Directiv
Talos
Threat Source Newsletter (Dec. 16, 2021)
blogs_talos·2021-12-10
Threat Source Newsletter (Dec. 16, 2021)
Good afternoon, Talos readers.
I'm just going to cut to the chase since I know all anyone wants to read about is Log4J. For the latest Talos research, continually check back on our blog post here. Above is the live stream we recorded Monday morning updating everyone on the situation, but of course, a lot has already changed since then. Which is why Beers with Talos will be returning for a live recording Friday at noon ET. You can join us on any of our social media platforms or over on our YouTube page.
This will be the last Threat Source newsletter of 2021 as we head into the holiday break. We hope everyone is able to put Log4J behind them at least for a few days and enjoy some quality time with friends and family.
## Cybersecurity week in review
- The Log4j vulnerability made national
- https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html
- https://crbug.com/1278387
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-4102
- 2022-02-11: Published
- 2021-12-15: Added to CISA KEV
- Exploited in the wild