Date published: 2014-04-26T06:55:05.543-04:00
Date last modified: 2017-01-06T21:59:43.330-05:00
CVSS Score: 7.5
Principal attack vector: NETWORK
Reference URL: http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html
Summary: The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access.