CVE-2015-1258
Published: 20 May 2015
Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame size in VP9 video data.
Notes
Author | Note |
---|---|
mdeslaur | build parameter is specific for chrome build |
Priority
Status
Package | Release | Status |
---|---|---|
chromium-browser Launchpad, Ubuntu, Debian |
upstream |
Released
(43.0.2357.65)
|
precise |
Ignored
|
|
trusty |
Does not exist
(trusty was released [43.0.2357.81-0ubuntu0.14.04.1.1089])
|
|
utopic |
Released
(43.0.2357.81-0ubuntu0.14.10.1.1131)
|
|
vivid |
Released
(43.0.2357.81-0ubuntu0.15.04.1.1170)
|
|
wily |
Released
(43.0.2357.81-0ubuntu1.1179)
|
|
oxide-qt Launchpad, Ubuntu, Debian |
upstream |
Released
(1.7.8)
|
precise |
Does not exist
|
|
trusty |
Does not exist
(trusty was released [1.7.8-0ubuntu0.14.04.1])
|
|
utopic |
Released
(1.7.8-0ubuntu0.14.10.1)
|
|
vivid |
Released
(1.7.8-0ubuntu0.15.04.1)
|
|
wily |
Released
(1.7.8-0ubuntu1)
|
|
libvpx Launchpad, Ubuntu, Debian |
upstream |
Not vulnerable
|
precise |
Not vulnerable
|
|
trusty |
Not vulnerable
|
|
utopic |
Not vulnerable
|
|
vivid |
Not vulnerable
|
|
wily |
Not vulnerable
|
|
Patches: upstream: https://github.com/webmproject/libvpx/commit/943e43273b0a7369d07714e7fd2e19fecfb11c7c |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1258
- https://codereview.chromium.org/1106303002
- https://code.google.com/p/chromium/issues/detail?id=450939
- http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html
- https://ubuntu.com/security/notices/USN-2610-1
- NVD
- Launchpad
- Debian