CVE-2021-30523: 
vulnerability analysis and mitigation

CVE-2021-30523 is a Use-after-free vulnerability discovered in the WebRTC component of Google Chrome versions prior to 91.0.4472.77. The vulnerability was reported on March 13, 2021, by Tolyan Korniltsev and was publicly disclosed in May 2021 (Chrome Release).

The vulnerability is classified as a Use-after-free (CWE-416) issue in the WebRTC component that could be exploited via a crafted SCTP packet. It received a CVSS v3.1 base score of 8.8 (HIGH), with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating network accessibility, low attack complexity, no privileges required, and user interaction required (NVD).

If successfully exploited, this vulnerability could allow a remote attacker to potentially exploit heap corruption, leading to arbitrary code execution, information disclosure, or system compromise. The high CVSS score indicates significant potential impact on the confidentiality, integrity, and availability of the affected system (NVD).

The vulnerability was patched in Google Chrome version 91.0.4472.77. Users and administrators are advised to upgrade to this version or later to mitigate the risk. Various Linux distributions including Fedora, Ubuntu, and Gentoo have also released security updates to address this vulnerability (Gentoo Advisory, Fedora Update).