CVE-2020-6429: 
Node.js vulnerability analysis and mitigation

CVE-2020-6429 is a use-after-free vulnerability discovered in the audio component of Google Chrome versions prior to 80.0.3987.149. The vulnerability was discovered and reported by Man Yue Mo of GitHub Security Lab on March 2, 2020, and was fixed in the stable channel update released on March 18, 2020 (Chrome Release, GitHub Lab).

The vulnerability occurs in the AudioScheduledSourceHandler::NotifyEnded method where an AudioHandler is posted to a task queue as a scoped_refptr and the context_ UntracedMember can be destroyed while waiting in the task queue. When Context()->GetExecutionContext() is called in NotifyEnded, it can lead to use-after-free condition. The vulnerability has been assigned a CVSS v3.1 base score of 8.8 (HIGH) with vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (NVD).

A remote attacker could potentially exploit heap corruption via a crafted HTML page, which could lead to arbitrary code execution with the privileges of the process or cause a Denial of Service condition (Gentoo Security).

The vulnerability was fixed in Google Chrome version 80.0.3987.149. Users and administrators are strongly advised to upgrade to this version or later. Multiple Linux distributions have also released security updates including Debian, Fedora, and Gentoo (Debian Security, Fedora Update).