Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1710

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2014-1710
Last Modified 25 Mar 2014 10:04:31
Published 16 Mar 2014 10:06:45
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-1710

Summary

The AsyncPixelTransfersCompletedQuery::End function in gpu/command_buffer/service/query_manager.cc in Google Chrome, as used in Google Chrome OS before 33.0.1750.152, does not check whether a certain position is within the bounds of a shared-memory segment, which allows remote attackers to cause a denial of service (GPU command-buffer memory corruption) or possibly have unspecified other impact via unknown vectors.

Vulnerable Systems

Operating System

  • Google Chrome Os 33.0.1750.112

  • Google Chrome Os 33.0.1750.124

  • Google Chrome Os 33.0.1750.149

  • Google Chrome Os 33.0.1750.16

  • Google Chrome Os 33.0.1750.2

  • Google Chrome Os 33.0.1750.29

  • Google Chrome Os 33.0.1750.5

  • Google Chrome Os 33.0.1750.51

  • Google Chrome Os 33.0.1750.58

  • Google Chrome Os 33.0.1750.70

  • Google Chrome Os 33.0.1750.93


References

CONFIRM - https://src.chromium.org/viewvc/chrome?revision=256918&view=revision

CONFIRM - https://src.chromium.org/viewvc/chrome?revision=256723&view=revision

CONFIRM - https://code.google.com/p/chromium/issues/detail?id=351852

CONFIRM - http://googlechromereleases.blogspot.com/2014/03/stable-channel-update-for-chrome-os_14.html


Last Updated: 27 May 2016 11:04:42