The AsyncPixelTransfersCompletedQuery::End function in gpu/command_buffer/service/query_manager.cc in Google Chrome, as used in Google Chrome OS prior to 33.0.1750.152, does not check whether a certain position is within the bounds of a shared-memory segment, which allows remote malicious users to cause a denial of service (GPU command-buffer memory corruption) or possibly have unspecified other impact via unknown vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome os 33.0.1750.51 |
||
google chrome os 33.0.1750.5 |
||
google chrome os |
||
google chrome os 33.0.1750.70 |
||
google chrome os 33.0.1750.29 |
||
google chrome os 33.0.1750.2 |
||
google chrome os 33.0.1750.124 |
||
google chrome os 33.0.1750.16 |
||
google chrome os 33.0.1750.58 |
||
google chrome os 33.0.1750.93 |
||
google chrome os 33.0.1750.112 |