Experts Explain a New RCE Vulnerability in the Google Chrome Dev Channel
The problem is a use-after-free in the instruction optimization component which, if successfully exploited, might “enable an attacker to execute arbitrary code in the context of the browser.”
The bug, discovered in the Dev channel of Chrome 101, was reported to Google by Weibo Wang, a security researcher at the Singapore cybersecurity firm Numen Cyber Technology, and has since been quietly fixed by the company.
“This vulnerability arises at the instruction selection step, where the incorrect instruction is chosen, resulting in a memory access exception,” Wang explained.
Accessing memory that has already been freed is undefined behavior: the program may crash, operate on corrupted data, or even execute arbitrary code.
Worryingly, the issue could be exploited remotely through a specially crafted website to bypass security restrictions and run arbitrary code, compromising the targeted machines.
“This vulnerability may be further exploited utilizing heap spraying techniques, resulting in a ‘type confusion’ issue,” Wang added. “The vulnerability allows an attacker to manipulate function pointers or put code into arbitrary memory regions, potentially leading to code execution.”
To give as many users as possible time to install the patched version first, the company has not yet disclosed the vulnerability on the Chromium bug tracker. Google also does not assign CVE IDs to vulnerabilities found in non-stable Chrome channels.
Chrome users should update to the latest version, particularly developers who run the Dev channel to test their applications against upcoming Chrome features and API changes.
[Figure: TurboFan assembly instructions once the vulnerability has been fixed]
This is not the first time use-after-free vulnerabilities have been found in Chrome. In 2021, Google patched seven such issues in the browser that were exploited in real-world attacks. This year it has also fixed an actively exploited use-after-free vulnerability in the Animation component.