CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
73.7%
The AsyncPixelTransfersCompletedQuery::End function in gpu/command_buffer/service/query_manager.cc in Google Chrome, as used in Google Chrome OS before 33.0.1750.152, does not check whether a certain position is within the bounds of a shared-memory segment, which allows remote attackers to cause a denial of service (GPU command-buffer memory corruption) or possibly have unspecified other impact via unknown vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
chrome_os | * | cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:* | |
chrome_os | 33.0.1750.2 | cpe:2.3:o:google:chrome_os:33.0.1750.2:*:*:*:*:*:*:* | |
chrome_os | 33.0.1750.5 | cpe:2.3:o:google:chrome_os:33.0.1750.5:*:*:*:*:*:*:* | |
chrome_os | 33.0.1750.16 | cpe:2.3:o:google:chrome_os:33.0.1750.16:*:*:*:*:*:*:* | |
chrome_os | 33.0.1750.29 | cpe:2.3:o:google:chrome_os:33.0.1750.29:*:*:*:*:*:*:* | |
chrome_os | 33.0.1750.51 | cpe:2.3:o:google:chrome_os:33.0.1750.51:*:*:*:*:*:*:* | |
chrome_os | 33.0.1750.58 | cpe:2.3:o:google:chrome_os:33.0.1750.58:*:*:*:*:*:*:* | |
chrome_os | 33.0.1750.70 | cpe:2.3:o:google:chrome_os:33.0.1750.70:*:*:*:*:*:*:* | |
chrome_os | 33.0.1750.93 | cpe:2.3:o:google:chrome_os:33.0.1750.93:*:*:*:*:*:*:* | |
chrome_os | 33.0.1750.112 | cpe:2.3:o:google:chrome_os:33.0.1750.112:*:*:*:*:*:*:* |