Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html
crbug.com/1184954
lists.fedoraproject.org/archives/list/[email protected]/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/
lists.fedoraproject.org/archives/list/[email protected]/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/
lists.fedoraproject.org/archives/list/[email protected]/message/WKQDE3PWDKASAPSUJYMOQGL73L3YQRFS/