CVE-2020-6455: 
Google Chrome vulnerability analysis and mitigation

CVE-2020-6455 is a security vulnerability discovered in Google Chrome's WebSQL implementation prior to version 81.0.4044.92. The vulnerability was reported by Nan Wang (@eternalsakura13) and Guang Gong of Alpha Lab, Qihoo 360 on March 9, 2020 (Chrome Release). The issue involves an out-of-bounds read vulnerability that could potentially allow a remote attacker to exploit heap corruption through a specially crafted HTML page (NVD).

The vulnerability is classified as an out-of-bounds read issue in the WebSQL component of Google Chrome. It has been assigned a CVSS v3.1 base score of 8.8 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The vulnerability is tracked under CWE-125 (Out-of-bounds Read) and requires user interaction to be exploited (NVD).

The vulnerability could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page, which could lead to arbitrary code execution within the context of the browser. Given the CVSS score of 8.8, this vulnerability has high potential impact on confidentiality, integrity, and availability of the affected system (NVD).

The vulnerability was fixed in Google Chrome version 81.0.4044.92. Users and administrators are advised to upgrade to this version or later. The fix has been incorporated into various Linux distributions including Debian, Fedora, and Ubuntu through their respective security updates (Debian Security, Fedora Update).