CVE-2014-1710
https://notcve.org/view.php?id=CVE-2014-1710
The AsyncPixelTransfersCompletedQuery::End function in gpu/command_buffer/service/query_manager.cc in Google Chrome, as used in Google Chrome OS before 33.0.1750.152, does not check whether a certain position is within the bounds of a shared-memory segment, which allows remote attackers to cause a denial of service (GPU command-buffer memory corruption) or possibly have unspecified other impact via unknown vectors. La función AsyncPixelTransfersCompletedQuery::End en gpu/command_buffer/service/query_manager.cc en Google Chrome, utilizado en Google Chrome OS anterior a 33.0.1750.152, no comprueba si cierta posición está dentro de los límites de un segmento de memoria compartida, lo que permite a atacantes remotos causar una denegación de servicio (corrupción de memoria de comando de buffer de GPU) o posiblemente tener otro impacto no especificado a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update-for-chrome-os_14.html https://code.google.com/p/chromium/issues/detail?id=351852 https://src.chromium.org/viewvc/chrome?revision=256723&view=revision https://src.chromium.org/viewvc/chrome?revision=256918&view=revision • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2014-1708
https://notcve.org/view.php?id=CVE-2014-1708
The boot implementation in Google Chrome OS before 33.0.1750.152 does not properly consider file persistence, which allows remote attackers to execute arbitrary code via unspecified vectors. La implementación boot en Google Chrome OS anterior a 33.0.1750.152 no considera debidamente persistencia de archivo, lo que permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados. • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update-for-chrome-os_14.html https://code.google.com/p/chromium/issues/detail?id=344051 •