CVE-2021-37973
Published: 08 October 2021
Summary
CVE-2021-37973 is a critical-severity Use After Free (CWE-416) vulnerability in Fedoraproject Fedora. Its CVSS base score is 9.6 (Critical).
Operationally, it is ranked in the top 5.3% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities (KEV) catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SC-39 (Process Isolation).
Deeper analysis
The vulnerability CVE-2021-37973 is a use-after-free issue in the Portals component of Google Chrome versions prior to 94.0.4606.61, tracked as CWE-416. It affects the renderer process when handling portal-related operations in the browser engine.
A remote attacker who has already compromised the renderer process can exploit the flaw by serving a crafted HTML page, potentially achieving a sandbox escape with high impact on confidentiality, integrity, and availability. The reported CVSS 3.1 score of 9.6 reflects the network attack vector, low attack complexity, required user interaction, and changed scope.
Chrome release notes and distribution advisories for Fedora and Debian indicate that the issue is resolved by updating to version 94.0.4606.61 or equivalent packaged builds; the corresponding Chromium bug report provides additional technical references for the fix. No information on observed in-the-wild exploitation is supplied in the available references.
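Since the only remediation the advisory names is updating to 94.0.4606.61 or an equivalent packaged build, the practical defender task is verifying that every installed browser meets that threshold. The following is an added example, not code from the advisory or from the Chromium project: it compares reported version strings against the fixed release numerically, component by component, because a plain string comparison mis-orders builds such as 94.0.4606.9 and 94.0.4606.61. The inventory entries are constructed sample data.

```python
"""Patch-compliance check for CVE-2021-37973 (Chrome/Chromium Portals UAF).

Added example, not from the advisory: compares installed browser
versions against the fixed release named in the advisory. Versions are
compared numerically component by component, because a plain string
comparison gets "94.0.4606.9" vs "94.0.4606.61" wrong.
"""
from typing import Dict, List, Optional, Tuple

FIXED_VERSION = "94.0.4606.61"  # fixed release per the advisory


def parse_version(text: str) -> Optional[Tuple[int, ...]]:
    """Turn '94.0.4606.61' into (94, 0, 4606, 61); None if malformed."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def is_vulnerable(installed: str, fixed: str = FIXED_VERSION) -> Optional[bool]:
    """True if installed < fixed, False if patched, None if unparseable."""
    inst, fix = parse_version(installed), parse_version(fixed)
    if inst is None or fix is None:
        return None
    # Pad the shorter tuple with zeros so "94.0" compares as 94.0.0.0.
    width = max(len(inst), len(fix))
    inst += (0,) * (width - len(inst))
    fix += (0,) * (width - len(fix))
    return inst < fix


# Constructed sample inventory: hostname -> browser version reported by the agent.
SAMPLE_INVENTORY = {
    "ws-01": "94.0.4606.61",  # exactly the fixed build
    "ws-02": "94.0.4606.54",  # earlier build of the same major version
    "ws-03": "93.0.4577.82",  # previous major version
    "ws-04": "95.0.4638.54",  # later release
    "ws-05": "unknown",       # agent could not read the version
}


def triage(inventory: Dict[str, str]) -> Dict[str, List[str]]:
    """Bucket hosts into 'vulnerable', 'patched' and 'unknown'."""
    result: Dict[str, List[str]] = {"vulnerable": [], "patched": [], "unknown": []}
    for host, version in sorted(inventory.items()):
        state = is_vulnerable(version)
        key = "unknown" if state is None else ("vulnerable" if state else "patched")
        result[key].append(host)
    return result


if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

Hosts in the "unknown" bucket need a manual check rather than being treated as patched.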
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2021-24446
Vulnerability details
Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- CWE(s): CWE-416 (Use After Free)
- KEV Date Added: 03 November 2021
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): directly requires timely application of the vendor patch (Chrome 94.0.4606.61) that eliminates the use-after-free flaw before a renderer compromise can be escalated.
- Memory protection: enforces memory-protection mechanisms that block exploitation of use-after-free conditions (CWE-416) in the renderer process.
- SC-39 (Process Isolation): requires process isolation boundaries whose bypass is exactly what the sandbox-escape portion of this CVE attempts to achieve.