Vulnerability CVE-2020-16041: Information

Description

Out of bounds read in networking in Google Chrome prior to 87.0.4280.88 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page.

Severity: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2020-16041
Published: Jan. 8, 2021
Modified: March 5, 2021
Error type identifier: CWE-125

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
chromiumsisyphus87.0.4280.88-alt1125.0.6422.141-alt1ALT-PU-2020-3550-1263750Fixed
chromiump1087.0.4280.88-alt1119.0.6045.159-alt0.p10.1ALT-PU-2020-3550-1263750Fixed
chromiump987.0.4280.141-alt0.1.p997.0.4692.99-alt0.p9.1ALT-PU-2021-1157-1264552Fixed
chromiumc10f187.0.4280.88-alt1110.0.5481.177-alt1.p10.1ALT-PU-2020-3550-1263750Fixed
chromiump1187.0.4280.88-alt1125.0.6422.141-alt1ALT-PU-2020-3550-1263750Fixed
chromium-gostsisyphus87.0.4280.141-alt1124.0.6367.78-alt1ALT-PU-2021-1049-1264758Fixed
chromium-gostp1087.0.4280.141-alt1110.0.5481.177-alt1.p10.1ALT-PU-2021-1049-1264758Fixed
chromium-gostp988.0.4324.96-alt0.1.p996.0.4664.45-alt2.p9.1ALT-PU-2021-1210-1265329Fixed
chromium-gostc10f187.0.4280.141-alt1110.0.5481.177-alt1.p10.1ALT-PU-2021-1049-1264758Fixed
chromium-gostc9f288.0.4324.150-alt0.1.c996.0.4664.45-alt2.c9.1ALT-PU-2021-1379-1265372Fixed
chromium-gostp1187.0.4280.141-alt1124.0.6367.78-alt1ALT-PU-2021-1049-1264758Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://chromereleases.googleblog.com/2020/12/stable-channel-update-for-desktop.html
  • Release Notes
  • Vendor Advisory
https://crbug.com/1151865
  • Permissions Required
  • Vendor Advisory
http://packetstormsecurity.com/files/161581/Chrome-DataElement-Out-Of-Bounds-Read.html
  • Not Applicable
  • Third Party Advisory
  • VDB Entry

    1. Configuration 1

      cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
      End excliding
      87.0.4280.88
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top