CVE-2021-21192: 
Google Chrome vulnerability analysis and mitigation

A heap buffer overflow vulnerability was discovered in the tab groups feature of Google Chrome versions prior to 89.0.4389.90. This vulnerability, identified as CVE-2021-21192, was reported by Abdulrahman Alqabandi from Microsoft Browser Vulnerability Research on February 23, 2021 (Chrome Release).

The vulnerability is classified as a heap buffer overflow specifically affecting the tab groups functionality in Google Chrome. It received a CVSS 3.1 Base Score of 8.8 (High), with the following vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The attack vector is network-based, requires low attack complexity, needs no privileges, but does require user interaction (Ubuntu CVE).

If successfully exploited, this vulnerability could allow a remote attacker to potentially exploit heap corruption through a specially crafted HTML page. The impact assessment indicates high potential for compromise of confidentiality, integrity, and availability of the affected system (Debian Security).

The vulnerability was patched in Chrome version 89.0.4389.90. Users and administrators are advised to upgrade to this version or later. Various Linux distributions have also released security updates to address this vulnerability, including Debian (89.0.4389.114-1~deb10u1), Ubuntu, and Fedora (Fedora Update).