UBUNTU-CVE-2014-1733

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2014-1733

Published: 26 Apr 2014, 10:55

Last modified:08 Sept 2025, 16:43

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

26 Apr 2014, 10:55

Published

Vulnerability first disclosed

08 Sept 2025, 16:43

Last Modified

Vulnerability information updated

Description

The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access.

Affected Systems

ubuntu•chromium-browser
< 36.0.1985.125-0ubuntu1.14.04.0~pkg1029

References (5)

https://ubuntu.com/security/CVE-2014-1733
https://src.chromium.org/viewvc/chrome?revision=260157&view=revision
https://code.google.com/p/chromium/issues/detail?id=351103
http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html
https://www.cve.org/CVERecord?id=CVE-2014-1733