password is ZDI-CAN-2833

Uploading a usable file format.

Deleted: ZDI-CAN-2833.tgz 1.9 MB

ZDI-CAN-2833.tgz 1.9 MB Download

PDF attached.

Deleted: chrome_pwn2own_2015_lokihardt_for_google.pdf 69.6 KB

chrome_pwn2own_2015_lokihardt_for_google.pdf 69.6 KB Download

this exploit gives execution within the GPU process but a sandbox escape is required to get full access, so it's only severity High

Adding Merge-Triage label for tracking purposes.

Once your fix had sufficient bake time (on canary, dev as appropriate), please nominate your fix for merge by adding the Merge-Requested label.

When your merge is approved by the release manager, please start merging with higher milestone label first. Make sure to re-request merge for every milestone in the label list. You can get branch information on omahaproxy.appspot.com.

- Your friendly ClusterFuzz

Tracking bug - no merge required.

Bulk update: removing view restriction from closed bugs.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot