CVE-2021-37959

Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.
Configurations

Configuration 1 (hide)

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

History

07 Nov 2023, 03:37

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/', 'name': 'FEDORA-2021-ab09a05562', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/', 'name': 'FEDORA-2021-591b3a2af0', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/ -

18 Feb 2022, 16:17

Type Values Removed Values Added
First Time Debian
Debian debian Linux
References (DEBIAN) https://www.debian.org/security/2022/dsa-5046 - (DEBIAN) https://www.debian.org/security/2022/dsa-5046 - Third Party Advisory
CPE cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

15 Jan 2022, 15:15

Type Values Removed Values Added
References
  • (DEBIAN) https://www.debian.org/security/2022/dsa-5046 -

24 Nov 2021, 21:28

Type Values Removed Values Added
CPE cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/ - Mailing List, Third Party Advisory

17 Nov 2021, 22:18

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/ -

10 Nov 2021, 01:18

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/', 'name': 'FEDORA-2021-591b3a2af0', 'tags': [], 'refsource': 'FEDORA'}

30 Oct 2021, 02:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/ -

14 Oct 2021, 23:34

Type Values Removed Values Added
References (MISC) https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_21.html - (MISC) https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_21.html - Release Notes, Vendor Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/ - Mailing List, Third Party Advisory
References (MISC) https://crbug.com/1229625 - (MISC) https://crbug.com/1229625 - Permissions Required, Vendor Advisory
CPE cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : 6.8
v3 : 8.8
CWE CWE-416

09 Oct 2021, 03:35

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/ -

08 Oct 2021, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-10-08 22:15

Updated : 2023-12-10 14:09


NVD link : CVE-2021-37959

Mitre link : CVE-2021-37959

CVE.ORG link : CVE-2021-37959


JSON object : View

Products Affected

debian

  • debian_linux

google

  • chrome

fedoraproject

  • fedora
CWE
CWE-416

Use After Free