Описание
The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access.
The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-1733
- https://code.google.com/p/chromium/issues/detail?id=351103
- https://src.chromium.org/viewvc/chrome?revision=260157&view=revision
- http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html
- http://lists.opensuse.org/opensuse-updates/2014-05/msg00049.html
- http://lists.opensuse.org/opensuse-updates/2014-05/msg00050.html
- http://secunia.com/advisories/58301
- http://security.gentoo.org/glsa/glsa-201408-16.xml
- http://www.debian.org/security/2014/dsa-2920
Связанные уязвимости
The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access.
The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access.
The PointerCompare function in codegen.cc in Seccomp-BPF, as used in G ...
Уязвимость браузера Google Chrome, позволяющая злоумышленнику обойти ограничения песочницы
Уязвимость браузера Google Chrome, позволяющая злоумышленнику обойти ограничения песочницы