New issue
Advanced search Search tips

Issue 878505 link

Starred by 1 user
Status: WontFix
Owner: ----
Closed: Aug 29
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security



Sign in to add a comment

Security: Buff Overflow in Chrome 88

Reported by sim...@ockom.io, Aug 28 
VULNERABILITY DETAILS
Buffer overflow in Chrome. 

VERSION
Chrome Version:  Version: 68.0.3440.106 64 bit stable
Operating System: Windows 10 / *nix

REPRODUCTION CASE
Insert into webpage. see: https://ockom.io/tesploit

FOR CRASHES, PLEASE INCLUDE THE FOLLOWING ADDITIONAL INFORMATION
Type of crash: tab
chrome-68-buffoverflow.txt
692 bytes View Download

Comment 1 by tsepez@chromium.org, Aug 29

Status: WontFix (was: Unconfirmed)
This is not a buffer overflow, but rather a memory exhaustion (there's a big difference between the two in terms of the consequences). As such, this is a functional issue (and a well-known one at that), and not a security issue since it doesn't allow an adversary access to any information to which they are not entitled.

See https://chromium.googlesource.com/chromium/src/+/master/docs/security/faq.md#are-denial-of-service-issues-considered-security-bugs
Project Member

Comment 2 by sheriffbot@chromium.org, Dec 6

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment