Apple Mac OSX Kernel - GeForce GPU Driver Stack Buffer Overflow

Apple Mac OSX Kernel - GeForce GPU Driver Stack Buffer Overflow / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=724 nvAPIClient::Escape is the sole external method of nvAcclerator userclient type 0x2a0. It implements its own method and parameter demuxing using the struct-in...

Google Chrome libANGLE glGetUniformfv Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the libANGLE...

Apple Mac OSX - Kernel Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver

Exploit for macOS platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=708 The external methods IGAccelGLContext::unmapusermemory and IGAccelCLContext::unmapusermemory take an 8 byte struct input which is a user-space pointer previously passed to the...

Apple Mac OSX - Kernel Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in

Exploit for macOS platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=709 nvDevice::ReleaseDeviceTexture is external method 0x10a of userclient 5 of the geforce IOAccelerator. It takes a single uint argument text:000000000001BCD2 mov r14d, esi...

Apple Mac OSX Kernel - Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in Nvidia Geforce Driver

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=709 nvDevice::ReleaseDeviceTexture is external method 0x10a of userclient 5 of the geforce IOAccelerator. It takes a single uint argument text:000000000001BCD2 mov r14d, esi ... text:000000000001BD08 and r14d, 7FFFFFFFh -- clear...

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.

The vulnerability in the implementation of the GPU process for Google Chrome’s browser /browser/gpu/browsergpuchannelhostfactory.cc, content/renderer/renderthreadimpl.cc is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker, operating remotely, t...

FreeBSD : chromium -- multiple vulnerabilities (9d732078-32c7-11e5-b263-00262d5ed8ee)

Google Chrome Releases reports : 43 security fixes in this release, including : - 446032 High CVE-2015-1271: Heap-buffer-overflow in pdfium. Credit to cloudfuzzer. - 459215 High CVE-2015-1273: Heap-buffer-overflow in pdfium. Credit to makosoft. - 461858 High CVE-2015-1274: Settings allowed...

CVE-2015-1272

Use-after-free vulnerability in the GPU process implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the continued availability of a GPUChannelHost data structure during Blink shutdown,...

Design/Logic Flaw

Use-after-free vulnerability in the GPU process implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the continued availability of a GPUChannelHost data structure during Blink shutdown,...

CVE-2015-1272

Use-after-free vulnerability in the GPU process implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the continued availability of a GPUChannelHost data structure during Blink shutdown,...

Google Chrome Multiple Vulnerabilities-01 (Jul 2015) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

UBUNTU-CVE-2015-1272

Use-after-free vulnerability in the GPU process implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the continued availability of a GPUChannelHost data structure during Blink shutdown,...

CVE-2015-1272

Use-after-free vulnerability in the GPU process implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the continued availability of a GPUChannelHost data structure during Blink shutdown,...

Stable Channel Update

The Chrome team is delighted to announce the promotion of Chrome 44 to the stable channel for Windows, Mac and Linux. Chrome 44.0.2403.89 contains a number of fixes and improvements, including: A number of new apps/extension APIs Lots of under the hood changes for stability and performance A list...

(Pwn2Own) Google Chrome pnacl Shared Memory Time-Of-Check/Time-Of-Use Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

CVE-2013-0915

The GPU process in Google Chrome OS before 25.0.1364.173 allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to an "overflow."...

Buffer overflow

The GPU process in Google Chrome OS before 25.0.1364.173 allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to an "overflow."...

CVE-2013-0915

The GPU process in Google Chrome OS before 25.0.1364.173 allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to an "overflow."...

CVE-2012-5129

Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS before 23.0.1271.94 allows remote attackers to cause a denial of service GPU process crash or possibly have unspecified other impact via unknown vectors...

Heap overflow

Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS before 23.0.1271.94 allows remote attackers to cause a denial of service GPU process crash or possibly have unspecified other impact via unknown vectors...