Validate that resources belong to the right device
Categories
(Core :: Graphics: WebGPU, defect, P1)
Tracking
()
People
(Reporter: nical, Assigned: nical)
References
Details
(Keywords: sec-other)
Upstream issue: https://github.com/gfx-rs/wgpu/issues/3927
We don't validate that resources being use together belong to the same device. When I originally filed this I thought that there was one registry per device, but it's actually per instance so we can end up potentially passing things from the wrong devices to the low level GPU APIs.
|
||
Comment 1•1 year ago
•
|
||
:nical: Given that you've indicated in the WebGPU team's private Matrix channel that this can perhaps be a security risk with resources potentially being shared between arbitrary pages:
- Is this a P1?
- Is this a
sec-*issue?
|
Assignee | |
Comment 2•1 year ago
•
|
||
Well, we don't have evidence that it is a security hazard (depends on what the driver does in this situation). I wouldn't be surprised that the bugs it creates on some drivers could be and others not. Now that the s-word has been put here, might as well mark it as a sec bug to avoid painting a bulls eye on it.
|
|
Assignee | |
Updated•1 year ago
|
|
||
Updated•1 year ago
|
|
|
Assignee | |
Updated•1 year ago
|
|
||
Updated•1 year ago
|
|
||
Updated•1 year ago
|
|
|
||
Comment 4•1 year ago
|
||
sec-other because we don't need to double-count sec-high bugs; this is the same issue as bug 1856765
|
||
Updated•1 year ago
|
|
|
||
Comment 5•10 months ago
|
||
Bulk-unhiding security bugs fixed in Firefox 119-121 (Fall 2023). Use "moo-doctrine-subsidy" to filter
Description
•