Issue metadata
Sign in to add a comment
|
The chrome crash and the abrt-ccpp of fedora report expliotable level is 6
Reported by
wangguoh...@gmail.com,
Oct 17 2016
|
||||||||||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36 Steps to reproduce the problem: 1. you can look the vedio of attachment. 2. 3. What is the expected behavior? 1. loggin sucessfully. What went wrong? 1. chrome crash Did this work before? N/A Chrome version: 53.0.2785.116 Channel: stable OS Version: fedora24 Flash Version: Shockwave Flash 23.0 r0 I want to konw that how to debug this promble or write a EXP. thanks
,
Oct 18 2016
➜ ~ cp -a ~/Downloads/google-chrome ~/.config ➜ ~ google-chrome --version Google Chrome 53.0.2785.116 ➜ ~ google-chrome [16041:16078:1018/094821:ERROR:login_database.cc(419)] Password store database is too new, kCurrentVersionNumber=17, GetCompatibleVersionNumber=18 [16041:16078:1018/094821:ERROR:password_store_default.cc(45)] Could not create/open login database. [16041:16083:1018/094821:ERROR:connection_factory_impl.cc(369)] Failed to connect to MCS endpoint with error -127 --2016-10-18 09:48:27-- https://clients2.google.com/cr/report Resolving clients2.google.com (clients2.google.com)... failed: Name or service not known. wget: unable to resolve host address ‘clients2.google.com’ Failed to get crash dump id. Report Id: [1] 16041 segmentation fault (core dumped) google-chrome ➜ ~ tar czvf google-chrome.tar.gz ~/.config/google-chrome
,
Oct 24 2016
It looks like the steps to reproduce this involve replacing the profile directory. That's an example of a physically local attack, which we don't consider as a security bug under chrome's threat model. See https://www.chromium.org/Home/chromium-security/security-faq#TOC-Why-aren-t-physically-local-attacks-in-Chrome-s-threat-model- for more information. |
|||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||
Comment 1 by mmoroz@chromium.org
, Oct 17 2016