CVE-2018-10229

4.8MEDIUM

Key Information:

Vendor: Google
Status: Chrome; Firefox
Vendor: CVE Published:; 4 May 2018

Summary

A hardware vulnerability in GPU memory modules allows attackers to accelerate micro-architectural attacks through the use of the JavaScript WebGL API.

References

http://www.securityfocus.com/bid/104084

vdb-entryx_refsource_BID

https://www.vusec.net/wp-content/uploads/2018/05/glitch.pdf

x_refsource_MISC

https://www.kb.cert.org/vuls/id/283803

third-party-advisoryx_refsource_CERT-VN

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 4, 2018
Vulnerability Reserved
Apr 19, 2018

Collectors

NVD DatabaseMitre Database