Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Published: 2021-02-05
Following reports of in-the-wild exploitation, Google released a patch for the third browser-based zero-day vulnerability of 2021. Background On February 4, Google published a stable channel update for Chrome for Desktop. This release contained a single security fix to address a critical zero-day vulnerability that had been exploited in the wild.
https://www.tenable.com/cyber-exposure/2021-threat-landscape-retrospective
https://www.debian.org/security/2021/dsa-4858
https://security.gentoo.org/glsa/202104-08
https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html
http://packetstormsecurity.com/files/162579/Chrome-Array-Transfer-Bypass.html