Summary: | <www-client/chromium-32.0.1700.102: multiple vulnerabilities (CVE-2013-{6649,6650},CVE-2014-1681) | | |
---|---|---|---|
Product: | Gentoo Security | Reporter: | Ulenrich <ulenrich> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | | |
Severity: | normal | CC: | chromium |
Priority: | Normal | | |
Version: | unspecified | | |
Hardware: | All | | |
OS: | Linux | | |
Whiteboard: | A2 [glsa] | | |
Package list: | | Runtime testing required: | --- |
Description
Ulenrich
2014-01-27 21:45:00 UTC
Some vulnerabilities have been reported in Google Chrome where some have an unknown impact and others can be exploited by malicious people to compromise a user's system.

1) Some unspecified errors exist. No further information is currently available.
2) A use-after-free error exists when handling SVG images.
3) An error related to v8 can be exploited to corrupt memory.

Successful exploitation of the vulnerabilities #2 and #3 may allow execution of arbitrary code.

The vulnerabilities are reported in versions prior to 32.0.1700.102.

Solution: Update to version 32.0.1700.102.

Sorry, please proceed with stabilizing chromium-32.0.1700.102.

amd64 stable

x86 stable

CVE-2014-1681 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1681): Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700.102 have unknown impact and attack vectors, related to 12 "security fixes [that were not] either contributed by external researchers or particularly interesting."

CVE-2013-6650 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6650): The StoreBuffer::ExemptPopularPages function in store-buffer.cc in Google V8 before 3.22.24.16, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors that trigger incorrect handling of "popular pages."

CVE-2013-6649 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6649): Use-after-free vulnerability in the RenderSVGImage::paint function in core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a zero-size SVG image.

Maintainer(s), thank you for cleanup ahead of time.

Added to existing GLSA Draft.

This issue was resolved and addressed in GLSA 201403-01 at http://security.gentoo.org/glsa/glsa-201403-01.xml by GLSA coordinator Mikle Kolyada (Zlogene).