Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 442096 (CVE-2012-5116) - <www-client/chromium-23.0.1271.64, <dev-lang/v8-3.13.7.5 multiple vulnerabilities (CVE-2012-{5116,5117,5120,5121,5122,5123,5124,5125,5126,5128})
Summary: <www-client/chromium-23.0.1271.64, <dev-lang/v8-3.13.7.5 multiple vulnerabili...
Status: RESOLVED FIXED
Alias: CVE-2012-5116
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL: http://googlechromereleases.blogspot....
Whiteboard: A2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2012-11-06 20:18 UTC by Mike Gilbert
Modified: 2013-09-25 20:39 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Mike Gilbert gentoo-dev 2012-11-06 20:18:04 UTC
Release notes in URL.

Not sure about CVE-2012-5127; we use the system libwebp.
Comment 1 Mike Gilbert gentoo-dev 2012-11-07 01:28:25 UTC
Please stabilize on amd64 and x86.

There is a unit test failure (bug 442142), but I don't think it should block this.

=www-client/chromium-23.0.1271.64
=dev-lang/v8-3.13.7.5
Comment 2 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2012-11-07 04:05:22 UTC
(In reply to comment #0)
> Not sure about CVE-2012-5127; we use the system libwebp.

We should get system libwebp patched.

(In reply to comment #1)
> There is a unit test failure (bug 442142), but I don't think it should block
> this.

That's right, let's stabilize this provided the browser is usable. I'll take a more detailed look at the test failure later, thanks for filing the bug.
Comment 3 Mike Gilbert gentoo-dev 2012-11-07 04:27:34 UTC
(In reply to comment #2)
> We should get system libwebp patched.
> 

Based on the NEWS file, I suspect this is fixed in libwebp-0.2.1.

http://git.chromium.org/gitweb/?p=webm/libwebp.git;a=blob;f=NEWS;h=0b40d5289782b0eb120991d89ec3be3ec5adabd4;hb=HEAD
Comment 4 Agostino Sarubbo gentoo-dev 2012-11-07 16:20:27 UTC
x86 and amd64 stable
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2012-11-07 23:42:57 UTC
CVE-2012-5128 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5128):
  Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64,
  does not properly perform write operations, which allows remote attackers to
  cause a denial of service or possibly have unspecified other impact via
  unknown vectors.

CVE-2012-5127 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5127):
  Integer overflow in Google Chrome before 23.0.1271.64 allows remote
  attackers to cause a denial of service (out-of-bounds read) or possibly have
  unspecified other impact via a crafted WebP image.

CVE-2012-5126 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5126):
  Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors related to the handling of plug-in placeholders.

CVE-2012-5125 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5125):
  Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors related to the handling of extension tabs.

CVE-2012-5124 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5124):
  Google Chrome before 23.0.1271.64 does not properly handle textures, which
  allows remote attackers to cause a denial of service (memory corruption) or
  possibly have unspecified other impact via unknown vectors.

CVE-2012-5123 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5123):
  Skia, as used in Google Chrome before 23.0.1271.64, allows remote attackers
  to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2012-5122 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5122):
  Google Chrome before 23.0.1271.64 does not properly perform a cast of an
  unspecified variable during handling of input, which allows remote attackers
  to cause a denial of service or possibly have other impact via unknown
  vectors.

CVE-2012-5121 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5121):
  Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors related to video layout.

CVE-2012-5120 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5120):
  Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, on
  64-bit Linux platforms allows remote attackers to cause a denial of service
  or possibly have unspecified other impact via crafted JavaScript code that
  triggers an out-of-bounds access to an array.

CVE-2012-5119 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5119):
  Race condition in Pepper, as used in Google Chrome before 23.0.1271.64,
  allows remote attackers to cause a denial of service or possibly have
  unspecified other impact via vectors related to buffers.

CVE-2012-5118 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5118):
  Google Chrome before 23.0.1271.64 on Mac OS X does not properly validate an
  integer value during the handling of GPU command buffers, which allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via unknown vectors.

CVE-2012-5117 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5117):
  Google Chrome before 23.0.1271.64 does not properly restrict the loading of
  an SVG subresource in the context of an IMG element, which has unspecified
  impact and remote attack vectors.

CVE-2012-5116 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5116):
  Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors related to the handling of SVG filters.
Comment 6 Sean Amoss gentoo-dev Security 2012-11-07 23:46:00 UTC
Filed a new GLSA request.
Comment 7 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2012-11-09 05:24:41 UTC
CVE-2012-5127 handled in bug #442152 .

CVE-2012-5118 is Mac OS X specific.

GLSA draft ready.
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2013-09-25 00:10:27 UTC
This issue was resolved and addressed in
 GLSA 201309-16 at http://security.gentoo.org/glsa/glsa-201309-16.xml
by GLSA coordinator Sean Amoss (ackle).
Comment 9 Sean Amoss gentoo-dev Security 2013-09-25 20:39:00 UTC
CVE-2012-5119 marked NFU. See bug 486014.