The high-severity flaw, which was patched in the latest version of Google’s Chrome browser, could allow code execution.

The Google Chrome web browser has a high-severity vulnerability that could be used to execute arbitrary code, researchers say. The flaw has been fixed in the Chrome 85 stable channel, set to be rolled out to users this week.

The flaw (CVE-2020-6492) is a use-after-free vulnerability in the WebGL (Web Graphics Library) component of the Chrome browser. This component is a JavaScript API that lets users render 2D and 3D graphics within their browser. This specific flaw stems from the WebGL component failing to properly handle objects in memory.

“An adversary could manipulate the memory layout of the browser in a way that they could gain control of the use-after-free exploit, which could ultimately lead to arbitrary code execution,” according to Jon Munshaw with Cisco Talos in a Monday analysis.

The flaw ranks 8.3 out of 10 on the CVSS scale, making it a high-severity vulnerability. Researchers said this vulnerability specifically exists in ANGLE, a compatibility layer between OpenGL and Direct3D used on Windows by the Chrome browser and other projects.

According to the proof-of-concept (PoC) attack outlined by researchers, the issue exists in a function of ANGLE called “State::syncTextures.” This function is responsible for checking whether a texture has any “DirtyBits.” These are “bitsets” indicating whether a specific state value, associated with a block of computer memory, has been changed.
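
The dirty-bit pattern described above, shown as an added example that is not ANGLE's code and does not reproduce CVE-2020-6492. A hypothetical state object records which texture units changed and, during sync, reaches each texture through a weak reference, so a texture destroyed between marking and syncing is skipped rather than dereferenced. All class, member and constant names here are assumptions.

```cpp
#include <array>
#include <bitset>
#include <cstddef>
#include <memory>

constexpr std::size_t kMaxUnits = 8;   // hypothetical number of texture units

struct Texture {
    std::bitset<4> dirtyBits;          // one bit per tracked state value (constructed layout)
    int syncCount = 0;
};

class State {
public:
    // Binding stores a weak reference: it never extends the texture's lifetime.
    void bind(std::size_t unit, const std::shared_ptr<Texture>& tex) {
        bound_[unit] = tex;
        dirtyUnits_.set(unit);
    }

    // Walks the dirty units and returns how many live textures were synced.
    int syncTextures() {
        int synced = 0;
        for (std::size_t unit = 0; unit < kMaxUnits; ++unit) {
            if (!dirtyUnits_.test(unit)) continue;
            dirtyUnits_.reset(unit);
            if (auto tex = bound_[unit].lock()) {   // pins the object while it is used
                if (tex->dirtyBits.any()) {
                    tex->dirtyBits.reset();
                    ++tex->syncCount;
                    ++synced;
                }
            } else {
                bound_[unit].reset();               // texture is gone: drop the stale binding
            }
        }
        return synced;
    }

private:
    std::array<std::weak_ptr<Texture>, kMaxUnits> bound_;
    std::bitset<kMaxUnits> dirtyUnits_;
};

// Constructed scenario: two dirty textures, one destroyed before the sync runs.
int demo() {
    State state;
    auto a = std::make_shared<Texture>();
    auto b = std::make_shared<Texture>();
    a->dirtyBits.set(1);
    b->dirtyBits.set(2);
    state.bind(0, a);
    state.bind(1, b);
    b.reset();                     // destroyed while its unit is still marked dirty
    return state.syncTextures();   // only the surviving texture is synced
}

int main() { return demo() == 1 ? 0 : 1; }
```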


Google Fixes High-Severity Chrome Browser Code Execution Bug