This release contains 14 security fixes, including:
- [1212618] Critical CVE-2021-30544: Use after free in BFCache.
Reported by Rong Jian and Guang Gong of 360 Alpha Lab on
2021-05-24
- [1201031] High CVE-2021-30545: Use after free in Extensions.
Reported by kkwon with everpall and kkomdal on 2021-04-21
- [1206911] High CVE-2021-30546: Use after free in Autofill.
Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability
Research on 2021-05-08
- [1210414] High CVE-2021-30547: Out of bounds write in ANGLE.
Reported by Seong-Hwan Park (SeHwa) of SecunologyLab on
2021-05-18
- [1210487] High CVE-2021-30548: Use after free in Loader.
Reported by Yangkang(@dnpushme) & Wanglu of Qihoo360 Qex Team
on 2021-05-18
- [1212498] High CVE-2021-30549: Use after free in Spell check.
Reported by David Erceg on 2021-05-23
- [1212500] High CVE-2021-30550: Use after free in Accessibility.
Reported by David Erceg on 2021-05-23
- [1216437] High CVE-2021-30551: Type Confusion in V8. Reported by
Sergei Glazunov of Google Project Zero on 2021-06-04
- [1200679] Medium CVE-2021-30552: Use after free in Extensions.
Reported by David Erceg on 2021-04-20
- [1209769] Medium CVE-2021-30553: Use after free in Network
service. Reported by Anonymous on 2021-05-17
Google is aware that an exploit for CVE-2021-30551 exists in the
wild.