Vulnerability identifier: #VU29860
Vulnerability risk: Medium
Exploitation vector: Network
Exploit availability: Yes
The vulnerability allows a remote attacker to gain access to potentially sensitive information.The vulnerability exists due to WebRTC used the memory address of a class instance as a connection identifier. A remote attacker can use the obtained value to bypass ASLR protection.
Update to version 84.0.4147.89.
Vulnerable software versions
Google Chrome: 80.0.3987.163 - 83.0.4103.116
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?