CVE-2021-30597: Use after free in Browser UI

Reference Links

• https://chromereleases.googleblog.com/2021/08/the-stable-channel-has-been-updated-to.html (Advisory)
• https://crbug.com/1232617
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LVY4WIWTVVYKQMROJJS365TZBKEARCF/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPJPUSAWIJMQFBQQQYXAICLI4EKFQOH6/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QW4R2K5HVJ4R6XDZYOJCCFPIN2XHNS3L/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LVY4WIWTVVYKQMROJJS365TZBKEARCF/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QW4R2K5HVJ4R6XDZYOJCCFPIN2XHNS3L/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPJPUSAWIJMQFBQQQYXAICLI4EKFQOH6/

Parent vulnerabilities

(Appears in the following advisories)

• 1656672544346881992

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2021-30590
• CVE-2021-30591
• CVE-2021-30592
• CVE-2021-30593
• CVE-2021-30594
• CVE-2021-30596

Frequently Asked Questions

• What is the severity of CVE-2021-30597?

  CVE-2021-30597 is considered a high severity vulnerability due to the potential for remote exploitation and heap corruption.

• How do I fix CVE-2021-30597?

  To fix CVE-2021-30597, upgrade Google Chrome to version 92.0.4515.131 or later.

• Which versions of Google Chrome are affected by CVE-2021-30597?

  CVE-2021-30597 affects all versions of Google Chrome prior to 92.0.4515.131.

• Can CVE-2021-30597 be exploited remotely?

  Yes, CVE-2021-30597 can potentially be exploited remotely through physical access to the device.

• What platforms are impacted by CVE-2021-30597?

  CVE-2021-30597 impacts Google Chrome and affected versions of Fedora 33, 34, and 35.