The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access.
References
Configurations
History
07 Nov 2023, 02:19
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.opensuse.org/opensuse-updates/2014-05/msg00050.html - | |
References | () https://src.chromium.org/viewvc/chrome?revision=260157&view=revision - | |
References | () http://security.gentoo.org/glsa/glsa-201408-16.xml - | |
References | () http://www.debian.org/security/2014/dsa-2920 - | |
References | () http://secunia.com/advisories/58301 - | |
References | () http://lists.opensuse.org/opensuse-updates/2014-05/msg00049.html - | |
References | () https://code.google.com/p/chromium/issues/detail?id=351103 - | |
References | () http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html - |
10 Nov 2022, 19:43
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:google:chrome:34.0.1847.2:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.44:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.118:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.37:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.79:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.57:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.94:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.61:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.6:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.83:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.59:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.81:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.43:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.100:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.48:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.39:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.91:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.56:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.8:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.25:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.10:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.14:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.80:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.111:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.69:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.65:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.77:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.72:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.15:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.52:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.120:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.7:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.3:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.130:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.71:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.86:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.49:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.42:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.85:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.47:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.41:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.60:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.54:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.73:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.98:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.114:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.68:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.113:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.23:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.63:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.99:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.24:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.50:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.64:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.53:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.97:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.102:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.67:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.109:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.55:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.45:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.82:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.116:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.58:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.4:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.115:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.66:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.78:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.46:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.103:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.38:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.9:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.5:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.92:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.75:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.87:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.12:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.1:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.101:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.51:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.36:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.76:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.74:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.62:*:*:*:*:*:*:* cpe:2.3:a:google:chrome:34.0.1847.112:*:*:*:*:*:*:* |
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
References | (SECUNIA) http://secunia.com/advisories/58301 - Broken Link, Vendor Advisory | |
References | (GENTOO) http://security.gentoo.org/glsa/glsa-201408-16.xml - Third Party Advisory | |
References | (CONFIRM) https://code.google.com/p/chromium/issues/detail?id=351103 - Exploit, Issue Tracking, Mailing List, Vendor Advisory | |
References | (CONFIRM) http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html - Broken Link, Release Notes, Vendor Advisory | |
References | (CONFIRM) https://src.chromium.org/viewvc/chrome?revision=260157&view=revision - Mailing List, Vendor Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-updates/2014-05/msg00049.html - Broken Link | |
References | (DEBIAN) http://www.debian.org/security/2014/dsa-2920 - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-updates/2014-05/msg00050.html - Broken Link |
Information
Published : 2014-04-26 10:55
Updated : 2023-12-10 11:31
NVD link : CVE-2014-1733
Mitre link : CVE-2014-1733
CVE.ORG link : CVE-2014-1733
JSON object : View
Products Affected
apple
- mac_os_x
microsoft
- windows
linux
- linux_kernel
- chrome
CWE
CWE-20
Improper Input Validation