A vulnerability was found in Google Chrome OS (Web Browser). It has been rated as critical. Affected by this issue is the function PVRSRVBridgeSyncPrimOpCreate of the file /dev/dri/card1 of the component Imagination Technologies Driver. The manipulation with an unknown input leads to a integer overflow vulnerability. Using CWE to declare the problem leads to CWE-190. The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control. Impacted is confidentiality, integrity, and availability. CVE summarizes:

The Imagination Technologies driver for Chrome OS before R74-11895.B, R75 before R75-12105.B, and R76 before R76-12208.0.0 allows attackers to trigger an Integer Overflow and gain privileges via a malicious application. This occurs because of intentional access for the GPU process to /dev/dri/card1 and the PowerVR ioctl handler, as demonstrated by PVRSRVBridgeSyncPrimOpCreate.

The weakness was shared 10/01/2019. This vulnerability is handled as CVE-2019-16508 since 09/19/2019. The attack may be launched remotely. No form of authentication is required for exploitation. Successful exploitation requires user interaction by the victim. There are known technical details, but no exploit is available. The current price for an exploit might be approx. USD $0-$5k (estimation calculated on 12/29/2023). It is expected to see the exploit prices for this product increasing in the near future.

Upgrading to version R74-11895.B, R75-12105.B or R76-12208.0.0 eliminates this vulnerability.

Productinfo

Type

• Web Browser

Vendor

• Google

Name

• Chrome OS

License

• free

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion