CVE-2013-2905Google Chrome vulnerability

CWE-2642 documents2 sources
Severity
5.0MEDIUMNVD
EPSS
0.1%
top 67.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Google ChromeDebian Linux
Timeline
PublishedAug 21
Latest updateMay 17

Description

The SharedMemory::Create function in memory/shared_memory_posix.cc in Google Chrome before 29.0.1547.57 uses weak permissions under /dev/shm/, which allows attackers to obtain sensitive information via direct access to a POSIX shared-memory file.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDgoogle/chrome29.0.1547.56+50

Also affects: Debian Linux 7.0

🔴Vulnerability Details

1
GHSA
GHSA-h49q-wghx-7g75: The SharedMemory::Create function in memory/shared_memory_posix2022-05-17
CVE-2013-2905 — Google Chrome vulnerability | cvebase