New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.
Starred by 8 users
Status: Verified
Owner: ----
Closed: Mar 2014
Cc:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 0
Type: Bug-Security


Sign in to add a comment
Security: Pwnium 4 GeoHot tracking bug
Project Member Reported by jorgelo@chromium.org, Mar 12 2014 Back to list
We received a full persistent exploit from GeoHot. Stay tuned.
 
geohot.zip
87.2 KB Download
Blockedon: chromium:351796
 Issue 351796  for try_touch_experiment command injection.
Labels: Restrict-View-Google
Blockedon: chromium:344051
Status: Available
 Issue 344051  is persistence.
Cc: tommi@chromium.org
Blockedon: chromium:351811
root escalation:  issue 351811 
Comment 6 by sumit@chromium.org, Mar 12 2014
Cc: arscott@chromium.org olofj@chromium.org
 Issue 344051  for v8 oob read/write.
Blockedon: chromium:351815
 Issue 351815  for swapped out RVH issue.
Comment 10 by sumit@chromium.org, Mar 13 2014
Cc: yjlou@chromium.org
Cc: deepakg@chromium.org
Comment 12 by k...@google.com, Mar 14 2014
Cc: kamakshi@chromium.org
Cc: scunning...@chromium.org
Labels: -Restrict-View-Google
Status: Fixed
Marking as fixed since the fixes were pushed to users.
Labels: reward-150000
Adding reward amount.
Labels: reward-unpaid
Cc: mbevand@google.com
Cc: gfh1...@gmail.com
Labels: -reward-unpaid reward-inprocess
Starting payment process
Labels: -reward-inprocess
Processing via our e-payment system can take up to 30 days, but reward should be on its way to you.

I'm also organizing a Pixel as your Chromebook award, but let me know if you want something else.

Labels: Security_Impact-NA
Adding Security-Impact-NA (This is just a tracking bug)
Labels: VerifyIn-36
Project Member Comment 22 by clusterf...@chromium.org, Jun 24 2014
Labels: -Restrict-View-SecurityTeam
Bulk update: removing view restriction from closed bugs.
Comment 23 by krisr@chromium.org, Jul 30 2014
Status: Verified
Project Member Comment 24 by sheriffbot@chromium.org, Mar 22 2016
Labels: -Security_Impact-NA
Project Member Comment 25 by sheriffbot@chromium.org, Oct 1 2016
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member Comment 26 by sheriffbot@chromium.org, Oct 2 2016
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member Comment 27 by sheriffbot@chromium.org, Oct 2 2016
Labels: Restrict-View-SecurityNotify
Labels: allpublic
Project Member Comment 29 by sheriffbot@chromium.org, Oct 3 2016
Labels: -Restrict-View-SecurityNotify
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Sign in to add a comment