Memory Corruption Vulnerability in Google Chrome OS
CVE-2014-1710

Currently unrated

Key Information:

Vendor: Google
Status: Chrome Os
Vendor: CVE Published:; 16 March 2014

What is CVE-2014-1710?

The AsyncPixelTransfersCompletedQuery::End function in Google Chrome OS has a flaw where it fails to verify if a specific position is within the limits of a shared-memory segment. This oversight can enable remote attackers to instigate a denial of service through GPU command-buffer memory corruption, potentially leading to further, yet unspecified, impacts through various unknown methods.

References

https://src.chromium.org/viewvc/chrome?revision=256918&vi...

x_refsource_CONFIRM

http://googlechromereleases.blogspot.com/2014/03/stable-c...

x_refsource_CONFIRM

https://src.chromium.org/viewvc/chrome?revision=256723&vi...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 16, 2014
Vulnerability Reserved
Jan 29, 2014