Reported as exploited in the wild at https://threatpost.com/google-patches-actively-exploited-flaw-in-chrome-browser/164468/ and at https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html.
Details are still scant on this vulnerability as they are being withheld by Google until more people have patched the issue, which was fixed in Chrome 89.0.4389.72. All that we know is that the bug is labeled as an "Object lifecycle issue in audio" and was found by Alison Huffman, Microsoft Browser Vulnerability Research, on 2021-02-11.
Given the description of this vulnerability as well as its link to a similar vulnerability exploited in the wild in the past (see https://threatpost.com/google-discloses-chrome-flaw-exploited-in-the-wild/149784/), it's likely that this is a UAF vulnerability. Given that the one used in https://threatpost.com/google-discloses-chrome-flaw-exploited-in-the-wild/149784/ was a bug in the same component which was then used in the WizardOpium attacks, it's likely, based on past history, that this vulnerability will lead to full compromise of the system.
This bug is trivial to exploit but time-consuming to gain useful advantage from. Each execution of rmsock leaks 64 bits of kernel memory. Some work on grooming the kernel address space could make this more effective, but I didn't pursue it.
Unlikely to be setUID, unlikely that you will have write control over the vulnerable part of the RPATH at the point another user runs it. More theoretical than actual.