icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Google Chrome OS < 33.0.1750.152 Multiple Security Vulnerabilities

High

Synopsis

The remote host is running a version of Google Chrome OS that may be vulnerable to multiple security issues. Google Chrome OS is a Linux-based operating system from Google.

Description

Versions of Google Chrome OS prior to 33.0.1750.152 are affected by the following vulnerabilities :

- Memory corruption vulnerability in Google V8 via ArrayBuffer property accesses. (CVE-2014-1705)

- Command injection vulnerability via a flaw in crosh that is triggered when calling try_touch_experiment. (CVE-2014-1706)

- Unspecified path traversal vulnerability due to insufficient user-input sanitation when mounting a source (CVE-2014-1707)

- Unspecified on-boot file persistence vulnerability (CVE-2014-1708)

- An exploitable memory corruption in the 'AsyncPixelTransfersCompletedQuery::End()' function in 'gpu/command_buffer/service/query_manager.cc' (CVE-2014-1710)

- Out-of-bounds write flaw in the GPU driver (CVE-2014-1711)

- Use-after-free error related to document.location bindings, which may be leveraged to execute arbitrary code by a context-dependent attacker. (CVE-2014-1713)

Solution

Update your Chrome OS version to 33.0.1750.152 or later.