OOB in pacprocessor's libpac-chromium could lead to possible RCE

2021-07-0100:00:00

Google

osv.dev

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.1%

JSON

In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.

CPENameOperatorVersion
platform/external/chromium-libpaceq11
platform/external/chromium-libpaceq10
platform/external/v8eq9
platform/external/chromium-libpaceq8.1
platform/external/v8eq8.1
platform/external/v8eq11
platform/external/v8eq10
platform/external/chromium-libpaceq9

Name	Operator	Version
platform/external/chromium-libpac	eq	11
platform/external/chromium-libpac	eq	10
platform/external/v8	eq	9
platform/external/chromium-libpac	eq	8.1
platform/external/v8	eq	8.1
platform/external/v8	eq	11
platform/external/v8	eq	10
platform/external/chromium-libpac	eq	9