CVE-2011-1444

Published: May 3, 2011Modified: Apr 29, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Affected (3)

Products: Google: Chrome · Debian: Debian Linux

1 product

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Google Chrome	Before 11.0.696.57

Running on/with	Platform Versions
Linux Linux Kernel	All versions

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 6.0
Debian Debian Linux	Version 7.0

Related CWEs

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

References (10)

http://code.google.com/p/chromium/issues/detail?id=76542

Source: cve@mitre.org

ExploitIssue TrackingPatchVendor Advisory

http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html

Source: cve@mitre.org

Vendor Advisory

http://www.debian.org/security/2011/dsa-2245

Source: cve@mitre.org

Third Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/67151

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14372

Source: cve@mitre.org

Third Party Advisory

http://code.google.com/p/chromium/issues/detail?id=76542