CVE-2012-5129Improper Restriction of Operations within the Bounds of a Memory Buffer in Google Chrome OS

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-122Heap-based Buffer Overflow9 documents8 sources
Severity
7.5HIGHNVD
EPSS
0.4%
top 36.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Mesa3d MesaGoogle Chrome OSGoogle Chrome
Timeline
PublishedDec 4
Latest updateMay 14

Description

Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS before 23.0.1271.94 allows remote attackers to cause a denial of service (GPU process crash) or possibly have unspecified other impact via unknown vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

NVDgoogle/chrome_os21.0.1180.57
NVDgoogle/chrome23.0.1271.91, 23.0.1271.92+1
Debianmesa3d/mesa< 8.0.5-3+3

🔴Vulnerability Details

3
GHSA
GHSA-j4r3-4332-hqrv: Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS before 232022-05-14
OSV
CVE-2012-5129: Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS before 232012-12-04
CVEList
CVE-2012-5129: Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS before 232012-12-04

📋Vendor Advisories

3
Ubuntu
Mesa vulnerability2013-05-07
Red Hat
Mesa: Heap-buffer overflow in glGetUniform*2012-11-30
Debian
CVE-2012-5129: mesa - Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS before 23....2012

💬Community

2
Bugzilla
CVE-2012-5129 Mesa: Heap-buffer overflow in glGetUniform* [fedora-17]2012-12-04
Bugzilla
CVE-2012-5129 Mesa: Heap-buffer overflow in glGetUniform*2012-12-04
CVE-2012-5129 — Google Chrome OS vulnerability | cvebase