Google has fixed an error in WebGL (Web Graphics Library) του προγράμματος περιήγησης Google Chrome, which could lead to arbitrary code execution.
WebGL is a JavaScript API that usesfrom compatible browsers for the best 2D and 3D graphics performance without the use of addons.
The fix for this vulnerability it is already included in the beta version of the Google app and we will soon see it in the stable version 85.0.4149.0 which will be released today according to Google.
The security loophole was discovered by Cisco Talos researcher Marcin Towalski and has been documented in CVE-2020-6492. It is very high quality and has been rated with 8.3 CVSSv3 Score.
The vulnerability triggers an outage operation when the WebGL component fails to correctly handle objects in memory.
The CVE-2020-6492 vulnerability affects Google Chrome 81.0.4044.138 (Fixed), 84.0.4136.5 (Dev) and 84.0.4143.7 (Canary), and reported to Google on May 19.