CVE-2011-1189 — Integer Underflow (Wrap or Wraparound) in Google Chrome

CWE-191 — Integer Underflow (Wrap or Wraparound)12 documents4 sources

Severity

7.5HIGHNVD

EPSS

1.9%

top 16.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Chrome

Timeline

PublishedMar 11

Latest updateMay 13

Description

Google Chrome before 10.0.648.127 does not properly perform box layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDgoogle/chrome< 10.0.648.127

🔴Vulnerability Details

GHSA

GHSA-56j5-2vvr-cv2v: Google Chrome before 10↗2022-05-13

▶

OSV

CVE-2011-1189: Google Chrome before 10↗2011-03-11

▶

📋Vendor Advisories

Red Hat

kernel: bluetooth: buffer overflow in l2cap config request↗2011-06-24

▶

Red Hat

kernel: /proc/PID/io infoleak↗2011-06-21

▶

Red Hat

kernel: ext4: kernel panic when writing data to the last block of sparse file↗2011-06-03

▶

Red Hat

kernel: ksm: race between ksmd and exiting task↗2011-06-02

▶

Red Hat

kernel: nl80211: missing check for valid SSID size in scan operations↗2011-05-18

▶