First published: Sun Mar 16 2014(Updated: )
The AsyncPixelTransfersCompletedQuery::End function in gpu/command_buffer/service/query_manager.cc in Google Chrome, as used in Google Chrome OS before 33.0.1750.152, does not check whether a certain position is within the bounds of a shared-memory segment, which allows remote attackers to cause a denial of service (GPU command-buffer memory corruption) or possibly have unspecified other impact via unknown vectors.
Credit: cve-coordination@google.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Chrome OS | <=33.0.1750.149 | |
Google Chrome OS | =33.0.1750.2 | |
Google Chrome OS | =33.0.1750.5 | |
Google Chrome OS | =33.0.1750.16 | |
Google Chrome OS | =33.0.1750.29 | |
Google Chrome OS | =33.0.1750.51 | |
Google Chrome OS | =33.0.1750.58 | |
Google Chrome OS | =33.0.1750.70 | |
Google Chrome OS | =33.0.1750.93 | |
Google Chrome OS | =33.0.1750.112 | |
Google Chrome OS | =33.0.1750.124 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2014-1710 has a severity rating that indicates it could lead to remote code execution due to improper memory checks.
To fix CVE-2014-1710, update Google Chrome OS to a version later than 33.0.1750.152.
CVE-2014-1710 affects Google Chrome OS versions prior to and including 33.0.1750.152.
Yes, CVE-2014-1710 can be exploited by remote attackers to cause harmful effects on the system.
CVE-2014-1710 involves a failure to check memory segment boundaries in the AsyncPixelTransfersCompletedQuery::End function.