CVE-2014-1710

The AsyncPixelTransfersCompletedQuery::End function in gpu/command_buffer/service/query_manager.cc in Google Chrome, as used in Google Chrome OS before 33.0.1750.152, does not check whether a certain position is within the bounds of a shared-memory segment, which allows remote attackers to cause a denial of service (GPU command-buffer memory corruption) or possibly have unspecified other impact via unknown vectors.

Published: Mar 16, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-1710
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
google / chrome_os	33.0.1750.51	33.0.1750.51.x
google / chrome_os	33.0.1750.5	33.0.1750.5.x
google / chrome_os	-	33.0.1750.149.x
google / chrome_os	33.0.1750.70	33.0.1750.70.x
google / chrome_os	33.0.1750.29	33.0.1750.29.x
google / chrome_os	33.0.1750.2	33.0.1750.2.x
google / chrome_os	33.0.1750.124	33.0.1750.124.x
google / chrome_os	33.0.1750.16	33.0.1750.16.x
google / chrome_os	33.0.1750.58	33.0.1750.58.x
google / chrome_os	33.0.1750.93	33.0.1750.93.x
google / chrome_os	33.0.1750.112	33.0.1750.112.x

Vulnerability Database

289,697

CVE-2014-1710