CVE-2021-30573 PoC — Microsoft Edge 资源管理错误漏洞

Source

https://github.com/s4e-io/CVE-2021-30573-PoC-Google-Chrome

Associated Vulnerability

Title:Microsoft Edge 资源管理错误漏洞 (CVE-2021-30573)
Description:Microsoft Edge是美国微软（Microsoft）公司的一款Windows 10之后版本系统附带的Web浏览器。 Microsoft Edge中存在资源管理错误漏洞。该漏洞的存在是由于在谷歌Chrome中的GPU组件的免费后使用错误。

Description

Google Chrome Use After Free vulnerability reported by S4E Team

Readme

# CVE-2021-30573-PoC-Google-Chrome
Google Chrome Use After Free vulnerability reported by S4E Team

**Total Bug Bounty Reward: $6.000**

This is Proof of Concept for:

* **[Google Security_Severity]** CVE
* **[HIGH] CVE-2021-30573** https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30573

Google Blog post:

https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop_20.html


Requirements: Nothing, you just need to run an HTML file in an older version of Google Chrome [91.0.4472.77] + [stable] (Official Build) (64-bit)

    poc-exploit.html (The bug works in Google Chrome 91 or lower. It is patched in 92+)

Mentioned bug is "Reported by Security For Everyone Team"

File Snapshot


 [4.0K]  /data/pocs/6356dd6d9feebc8c9828d35d9b83dedeeeb2c8de
├── [9.9K]  poc-exploit.html
└── [ 699]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!