CVE-2021-30536: Out of bounds read in V8

Reference Links

• https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html (Advisory)
• https://crbug.com/1194358
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/
• https://security.gentoo.org/glsa/202107-06
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/

Parent vulnerabilities

(Appears in the following advisories)

• 7170632646642454608

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2021-30521
• CVE-2021-30522
• CVE-2021-30523
• CVE-2021-30524
• CVE-2021-30525
• CVE-2021-30526
• CVE-2021-30527
• CVE-2021-30528
• CVE-2021-4322
• CVE-2021-30529
• CVE-2021-30530
• CVE-2021-30531
• CVE-2021-30532
• CVE-2021-30533
• CVE-2021-30534
• CVE-2021-30535
• CVE-2021-30542
• CVE-2021-30543
• CVE-2021-30558
• CVE-2021-30537
• CVE-2021-30538
• CVE-2021-30539
• CVE-2021-30540
• CVE-2021-4321

Frequently Asked Questions

• What is the severity of CVE-2021-30536?

  CVE-2021-30536 has been classified as a medium severity vulnerability.

• How do I fix CVE-2021-30536?

  To fix CVE-2021-30536, update Google Chrome to version 91.0.4472.77 or later.

• What type of vulnerability is CVE-2021-30536?

  CVE-2021-30536 is an out of bounds read vulnerability that can potentially lead to stack corruption.

• Which versions of Google Chrome are affected by CVE-2021-30536?

  CVE-2021-30536 affects all versions of Google Chrome prior to 91.0.4472.77.

• Can CVE-2021-30536 be exploited remotely?

  Yes, CVE-2021-30536 can be exploited remotely through a crafted HTML page.