CVE-2020-16044

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet.

References

https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html

https://crbug.com/1163228

Details

Source: MITRE

Published: 2021-02-09

Updated: 2021-07-21

Type: CWE-416

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 8.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 2.8

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Tenable Plugins

View all (56 total)

IDNameProductFamilySeverity
150667SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2021:14595-1)NessusSuSE Local Security Checks
high
147404NewStart CGSL CORE 5.04 / MAIN 5.04 : thunderbird Vulnerability (NS-SA-2021-0046)NessusNewStart CGSL Local Security Checks
high
147347NewStart CGSL CORE 5.04 / MAIN 5.04 : firefox Vulnerability (NS-SA-2021-0033)NessusNewStart CGSL Local Security Checks
high
147342NewStart CGSL MAIN 6.02 : thunderbird Multiple Vulnerabilities (NS-SA-2021-0091)NessusNewStart CGSL Local Security Checks
high
147268NewStart CGSL MAIN 6.02 : firefox Multiple Vulnerabilities (NS-SA-2021-0089)NessusNewStart CGSL Local Security Checks
high
146318Debian DSA-4846-1 : chromium - security updateNessusDebian Local Security Checks
high
146155Debian DLA-2541-1 : thunderbird security updateNessusDebian Local Security Checks
high
145937CentOS 8 : thunderbird (CESA-2021:0089)NessusCentOS Local Security Checks
high
145862CentOS 8 : firefox (CESA-2021:0052)NessusCentOS Local Security Checks
high
145776Fedora 32 : chromium (2021-b7cc24375b)NessusFedora Local Security Checks
high
145729openSUSE Security Update : chromium (openSUSE-2021-173)NessusSuSE Local Security Checks
high
145728Debian DSA-4842-1 : thunderbird - security updateNessusDebian Local Security Checks
high
145485openSUSE Security Update : chromium (openSUSE-2021-166)NessusSuSE Local Security Checks
high
145449Amazon Linux 2 : thunderbird (ALAS-2021-1594)NessusAmazon Linux Local Security Checks
high
145448Microsoft Edge (Chromium) < 88.0.705.50 Multiple VulnerabilitiesNessusWindows
critical
145391Fedora 33 : chromium (2021-48866282e5)NessusFedora Local Security Checks
high
145379openSUSE Security Update : MozillaFirefox (openSUSE-2021-56)NessusSuSE Local Security Checks
high
145341GLSA-202101-13 : Chromium, Google Chrome: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
145330openSUSE Security Update : MozillaThunderbird (openSUSE-2021-127)NessusSuSE Local Security Checks
high
145327GLSA-202101-14 : Mozilla Thunderbird: Remote code executionNessusGentoo Local Security Checks
high
145316FreeBSD : chromium -- multiple vulnerabilities (4ed0e43c-5cef-11eb-bafd-3065ec8fd3ec)NessusFreeBSD Local Security Checks
high
145288openSUSE Security Update : MozillaThunderbird (openSUSE-2021-93)NessusSuSE Local Security Checks
high
145275openSUSE Security Update : MozillaFirefox (openSUSE-2021-63)NessusSuSE Local Security Checks
high
145221Ubuntu 20.10 : Thunderbird vulnerabilities (USN-4701-1)NessusUbuntu Local Security Checks
high
701297Google Chrome < 88.0.4324.96 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
145072Google Chrome < 88.0.4324.96 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
high
145071Google Chrome < 88.0.4324.96 Multiple VulnerabilitiesNessusWindows
high
145068RHEL 8 : thunderbird (RHSA-2021:0160)NessusRed Hat Local Security Checks
high
145038CentOS 7 : thunderbird (CESA-2021:0087)NessusCentOS Local Security Checks
high
145037CentOS 7 : firefox (CESA-2021:0053)NessusCentOS Local Security Checks
high
145012Oracle Linux 8 : thunderbird (ELSA-2021-0089)NessusOracle Linux Local Security Checks
high
144987Scientific Linux Security Update : thunderbird on SL7.x x86_64 (2021:0087)NessusScientific Linux Local Security Checks
high
144941RHEL 8 : thunderbird (RHSA-2021:0088)NessusRed Hat Local Security Checks
high
144940Oracle Linux 7 : thunderbird (ELSA-2021-0087)NessusOracle Linux Local Security Checks
high
144937RHEL 8 : thunderbird (RHSA-2021:0089)NessusRed Hat Local Security Checks
high
144936RHEL 7 : thunderbird (RHSA-2021:0087)NessusRed Hat Local Security Checks
high
144926SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2021:0072-1)NessusSuSE Local Security Checks
high
144913SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2021:0071-1)NessusSuSE Local Security Checks
high
144909SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2021:0080-1)NessusSuSE Local Security Checks
high
144855Mozilla Thunderbird < 78.6.1NessusMacOS X Local Security Checks
high
144854Mozilla Thunderbird < 78.6.1NessusWindows
high
144853Oracle Linux 8 : firefox (ELSA-2021-0052)NessusOracle Linux Local Security Checks
high
144848RHEL 8 : firefox (RHSA-2021:0054)NessusRed Hat Local Security Checks
high
144847RHEL 8 : firefox (RHSA-2021:0052)NessusRed Hat Local Security Checks
high
144846RHEL 7 : firefox (RHSA-2021:0053)NessusRed Hat Local Security Checks
high
144845RHEL 8 : firefox (RHSA-2021:0055)NessusRed Hat Local Security Checks
high
144844Oracle Linux 7 : firefox (ELSA-2021-0053)NessusOracle Linux Local Security Checks
high
144843Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2021:0053)NessusScientific Linux Local Security Checks
high
144839Debian DSA-4827-1 : firefox-esr - security updateNessusDebian Local Security Checks
high
144836Debian DLA-2521-1 : firefox-esr security updateNessusDebian Local Security Checks
high
144832GLSA-202101-04 : Mozilla Firefox: Remote code executionNessusGentoo Local Security Checks
high
144808Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 : Firefox vulnerability (USN-4687-1)NessusUbuntu Local Security Checks
high
144772Mozilla Firefox < 84.0.2NessusMacOS X Local Security Checks
high
144771Mozilla Firefox < 84.0.2NessusWindows
high
144770Mozilla Firefox ESR < 78.6.1NessusWindows
high
144769Mozilla Firefox ESR < 78.6.1NessusMacOS X Local Security Checks
high