Vulnerability Description
The sandbox implementation in Google Chrome before 7.0.517.41 on Linux does not properly constrain worker processes, which might allow remote attackers to bypass intended access restrictions via unspecified vectors.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | < 7.0.517.41 | |
| Linux | Linux Kernel | - |
References
- http://code.google.com/p/chromium/issues/detail?id=54794Issue TrackingMailing ListPatch
- http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.htmlRelease NotesVendor Advisory
- http://secunia.com/advisories/41888Broken Link
- http://www.securityfocus.com/bid/44241Third Party AdvisoryVDB Entry
- http://www.vupen.com/english/advisories/2010/2731Not Applicable
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
- http://code.google.com/p/chromium/issues/detail?id=54794Issue TrackingMailing ListPatch
- http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.htmlRelease NotesVendor Advisory
- http://secunia.com/advisories/41888Broken Link
- http://www.securityfocus.com/bid/44241Third Party AdvisoryVDB Entry
- http://www.vupen.com/english/advisories/2010/2731Not Applicable
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
FAQ
What is CVE-2010-4041?
CVE-2010-4041 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The sandbox implementation in Google Chrome before 7.0.517.41 on Linux does not properly constrain worker processes, which might allow remote attackers to bypass intended access restrictions via unspe...
How severe is CVE-2010-4041?
CVE-2010-4041 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2010-4041?
Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome, Linux Linux Kernel.