Lack of RLIMIT_AS and RLIMIT_DATA Limits in NaClSandbox::InitializeLayerTwoSandbox Function in Google Chrome

Lack of RLIMIT_AS and RLIMIT_DATA Limits in NaClSandbox::InitializeLayerTwoSandbox Function in Google Chrome

CVE-2015-3335 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The NaClSandbox::InitializeLayerTwoSandbox function in components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc in Google Chrome before 42.0.2311.90 does not have RLIMIT_AS and RLIMIT_DATA limits for Native Client (aka NaCl) processes, which might make it easier for remote attackers to conduct row-hammer attacks or have unspecified other impact by leveraging the ability to run a crafted program in the NaCl sandbox.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.