The CDM is sandboxed in Firefox and Chrome.

nickpsecurity · on Oct 7, 2016

What does that mean in regards to parent's comment? If it renders, it went through both a graphics driver and GPU. Therefore they're in attack surface for malicious data designed to take over privileged code and/or DMA engines.

rockdoe · on Oct 7, 2016

The CDM doesn't need to do any rendering, and interaction with the GPU can be limited to writing in a designated shared memory area.

dogma1138 · on Oct 8, 2016

Because it's isolated and there is no DMA really.

There is a reason why the graphics driver is in user mode, and why the memory is virtualized.

The application doesn't have traditional DMA unless you load a privileged kernel which you can't do via a browser.

An application can't access the memory of another application via the display driver this is a solved issue.