Google formed Chrome Update 96.0.4664.110, in which Fixed 5 vulnerabilities, including vulnerability (CVE-2021-4102), already used by attackers in the exploits (0-day) and critical vulnerability (CVE-2021-4098), allowing you to bypass all borrower protection levels and perform code in the system outside Sandbox-environment.
Details are not yet disclosed, it is only known that the 0-day vulnerability is caused by using the memory after its release in the V8 engine, and the critical vulnerability is associated with the lack of due value in the IPC framework mojo . From other vulnerabilities, the buffer overflow is referred to (CVE-2021-4101) and accessing already freed memory (CVE-2021-4099) in the SwiftShader rendering system, as well as the problem (CVE-2021-4100) with the life cycle of objects in angle , layer for broadcasting OpenGL ES calls to OpenGL, Direct3D 9/11, Desktop GL and VULKAN.