CVE-2014-3155
Publication date 11 June 2014
Last updated 24 July 2024
Ubuntu priority
net/spdy/spdy_write_queue.cc in the SPDY implementation in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging incorrect queue maintenance.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| chromium-browser | 14.04 LTS trusty |
Fixed 36.0.1985.125-0ubuntu1.14.04.0~pkg1029
|
| oxide-qt | 14.04 LTS trusty |
Fixed 1.0.4-0ubuntu0.14.04.1
|
References
Related Ubuntu Security Notices (USN)
- USN-2298-1
- Oxide vulnerabilities
- 23 July 2014
Other references
- https://src.chromium.org/viewvc/chrome?revision=269246&view=revision
- https://src.chromium.org/viewvc/chrome?revision=268730&view=revision
- https://src.chromium.org/viewvc/chrome?revision=267984&view=revision
- https://code.google.com/p/chromium/issues/detail?id=369539
- http://googlechromereleases.blogspot.com/2014/06/stable-channel-update.html
- https://www.cve.org/CVERecord?id=CVE-2014-3155