PT-2021-4313 · Google+3 · V8+4

Clement Lecigne

+1

·

Published

2021-06-09

·

Updated

2025-12-08

·

CVE-2021-30551

CVSS v2.0

9.3

High

VectorAV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 91.0.4472.101
Description The issue is related to a type confusion in V8, which could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability is caused by incorrect type handling in the JavaScript engine V8. It has been reported that this vulnerability was exploited in real-world attacks.
Recommendations For Google Chrome versions prior to 91.0.4472.101, update to version 91.0.4472.101 or later to resolve the issue. As a temporary workaround, consider avoiding the use of crafted HTML pages that could exploit the type confusion vulnerability in V8. Restrict access to potentially vulnerable web pages to minimize the risk of exploitation.

Exploit

Fix

Type Confusion

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-843

Related Identifiers

ALSA-2025_16880
ALT-PU-2021-1974
ALT-PU-2021-2007
ALT-PU-2021-2068
ALT-PU-2021-2097
ALT-PU-2021-2141
BDU:2021-04922
CVE-2021-30551
OPENSUSE-SU-2021:0881-1
OPENSUSE-SU-2021:0938-1
OPENSUSE-SU-2021:0948-1
OPENSUSE-SU-2021:0949-1
OPENSUSE-SU-2021_0881-1
OPENSUSE-SU-2021_0948-1
OPENSUSE-SU-2021_0949-1
OPENSUSE-SU-2022:0110-1
OPENSUSE-SU-2022_0110-1
OPENSUSE-SU-2024:10681-1
OPENSUSE-SU-2024:10977-1
OPENSUSE-SU-2024:12948-1

Affected Products

Alt Linux
Astra Linux
Google Chrome
Suse
V8