CVE-2014-1733

The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access...

Design/Logic Flaw

The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access...

CVE-2014-1733

The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access...

UBUNTU-CVE-2014-1733

The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access...

CVE-2014-1733

The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access...

CVE-2014-1733

CVE-2014-1733 is a compiler bug in Seccomp-BPF that could allow a sandbox bypass in Chromium/Google Chrome. Public sources flag the issue as part of a set of vulnerabilities in Chromium, with patches deemed necessary across multiple distributions. The initial CVE description notes the sandbox byp...

CVE-2014-1733

Removed by vendor...

Google Chrome < 34.0.1847.131 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is a version prior to 34.0.1847.131. It is, therefore, affected by the following vulnerabilities : - A buffer overflow error exists related to the included version of Flash Player. CVE-2014-0515 - Type confusion errors exist related to the...

Google Chrome < 34.0.1847.131 Multiple Vulnerabilities (Mac OS X)

The version of Google Chrome installed on the remote Mac OS X host is a version prior to 34.0.1847.131. It is, therefore, affected by the following vulnerabilities : - A buffer overflow error exists related to the included version of Flash Player. CVE-2014-0515 - Type confusion errors exist relat...

Using Kernel Exploits to Bypass Sandboxes for Fun and Profit

Researchers and attackers alike are quickly discovering you don’t need a fancy Java or Flash exploit to beat application sandboxes. Exploiting an unpatched kernel vulnerability in the underlying operating system, one that’s likely to stay unpatched for a long time, will do just fine. Twice this...

kernel: x86-64: seccomp: 32/64 syscall hole

The securecomputing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6.28.7 and earlier on the x8664 platform, when CONFIGSECCOMP is enabled, does not properly handle 1 a 32-bit process making a 64-bit syscall or 2 a 64-bit process making a 32-bit syscall, which allows...

CVE-2009-0835

The securecomputing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6.28.7 and earlier on the x8664 platform, when CONFIGSECCOMP is enabled, does not properly handle 1 a 32-bit process making a 64-bit syscall or 2 a 64-bit process making a 32-bit syscall, which allows...

Design/Logic Flaw

The securecomputing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6.28.7 and earlier on the x8664 platform, when CONFIGSECCOMP is enabled, does not properly handle 1 a 32-bit process making a 64-bit syscall or 2 a 64-bit process making a 32-bit syscall, which allows...

CVE-2009-0835

Summary (CVE-2009-0835) in the Linux kernel (2.6.28.7 and earlier on x86_64) describes a local privilege issue within the seccomp filter. The __secure_computing function does not correctly handle calls where a 32‑bit process makes a 64‑bit syscall or a 64‑bit process makes a 32‑bit syscall, allow...

CVE-2009-0835

The securecomputing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6.28.7 and earlier on the x8664 platform, when CONFIGSECCOMP is enabled, does not properly handle 1 a 32-bit process making a 64-bit syscall or 2 a 64-bit process making a 32-bit syscall, which allows...

Linux Kernel seccomp系统调用绕过安全限制漏洞

BUGTRAQ ID: 33948 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel内嵌有被称为seccomp的系统调用过滤技术，允许进程将其本身严格的限制到受限的系统调用集，如read、write、exit、sigreturn等。PRSETSECCOMP功能的实现中存在错误，允许本地用户通过将32位进程切换到64位模式并在64位进程中使用syscall指令或interrupt 80h绕过安全执行某些受限制的系统调用。 Linux kernel 2.6.x 厂商补丁： Linux -----...

Linux Kernel 2.6.x - seccomp System Call Security Bypass

Linux Kernel 2.6.x - seccomp System Call Security Bypass / source: https://www.securityfocus.com/bid/33948/info The Linux kernel is prone to a local security-bypass vulnerability. A local attacker may be able to exploit this issue to bypass access control and make restricted system calls, which m...

Linux Kernel 2.6.x - &#039;seccomp&#039; System Call Security Bypass

/ source: https://www.securityfocus.com/bid/33948/info The Linux kernel is prone to a local security-bypass vulnerability. A local attacker may be able to exploit this issue to bypass access control and make restricted system calls, which may result in an elevation of privileges. / / test case fo...