Google Chrome WebRTC RTPSenderVideoFrameTransformerDelegate memory corruption vulnerability [CVE-2021-37979]
CVE number – CVE-2021-37979
A memory corruption vulnerability exists in the WebRTC functionality of Google Chrome 92.0.4515.159 (Stable) and 95.0.4623.0 (Canary). A specially-crafted web page can trigger this vulnerability, which can cause a heap buffer overflow and result in remote code execution.
This vulnerability is in WebRTC, which is a technology that enables websites to capture/stream audio/video and other data between browsers.
While executing the attached PoC on Ubuntu 20.04 x64 / Windows 10 x64 machine with ASAN enabled, Chrome crashes inside the SendVideo function from RTPSenderVideoFrameTransformerDelegate
Victim would need to visit a malicious website to trigger this vulnerability.
Tested Versions
Google Chrome 95.0.4623.0 (Canary)
Google Chrome 92.0.4515.159 (Stable)
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.