
Google Chrome DoS

September 3rd, 2008

Well, it certainly didn't take long... I noticed this on milw0rm this morning. It seems that someone has found a DoS in Google Chrome. What's interesting is that one of the things Chrome does is separate tabs into their own processes (or so they claim), yet this DoS manages to take out all of Chrome, not just the tab you visit the page in.

Original Advisory with PoC (Note that you don't even have to click on the PoC link in the advisory. You can cause the crash simply by hovering the mouse over it.)

  1. Steven Di Rocco
    January 19th, 2009 at 14:20 | #1

    fyi, int 3 is the debug breakpoint interrupt. Because int 3 is almost always macro'd out in release builds, this almost certainly means some piece of code is confused and failing gracefully (sort of) by intentionally halting.

    From the google code analysis, it looks like it has something to do with URL handling that lives in the parent process of all the tab children. This code is quite impressive for a first release.

  2. media kingdom
    January 19th, 2009 at 14:20 | #2

    I'm willing to try it out just to see if it works more efficiently than Firefox… if it's faster than Firefox and isn't IE, then I'll use it
