Hacker News

Given that this involves memory allocation and the fact that it has to be triggered with a specific sequence of HTTP requests, does it mean that the possibility of this happening is extremely rare? Any system on which this attempt is done probably needs to have not many other processes running which might trigger memory allocations and thus break this specific set of steps to exploit the issue?

Not trying to belittle the issue or the efforts spent to report it, but trying to understand how frequently it could be exploited.



The entire details of the exploit are apparently in a 37-page writeup which is as yet unreleased. So it's safe to assume that it is requisite on a very specific chain of events that are more likely to happen in an OS like ChromeOS where there are a lot fewer simultaneous actions. Additionally, ChromeOS' multiprocess model means that you don't have to worry nearly as much about those other actions, because the allocators are probably going to be running according to your assumptions.


The claim was that it was readily repeatable. So not rare once you have the attack code.


> " the fact that it has to be triggered with a specific sequence of HTTP requests,"

Does not sound like a limitation at all. This is the very normal "browser attack model" where you assume that an attacker can execute code in your browser (aka he either controls a webpage you are visiting, a banner on a webpage you are visiting, or the network stream and messes with HTTP webpages you are visiting).



