New issue
Advanced search Search tips

Issue 763643 link

Starred by 1 user
Status: Duplicate
Merged: issue 763646
Owner: ----
Closed: Sep 2017
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 1
Type: Bug-Security



Sign in to add a comment

CrOS: Vulnerability reported in sys-kernel/chromeos-kernel-3_18

Project Member Reported by vomit.go...@appspot.gserviceaccount.com, Sep 9 2017 
Automated analysis has detected that the following third party packages have had vulnerabilities publicly reported. 

NOTE: There may be several bugs listed below - in almost all cases, all bugs can be quickly addressed by upgrading to the latest version of the package.

Package Name: sys-kernel/chromeos-kernel-3_18
Package Version: [cpe:/o:linux:linux_kernel:3.18]

Advisory: CVE-2015-0312
  Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2015-0312
  CVSS severity score: 10/10.0
  Confidence: high
  Description:

Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors.
Advisory: CVE-2015-1209
  Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2015-1209
  CVSS severity score: 7.5/10.0
  Confidence: high
  Description:

Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper handling of a shadow-root anchor.
Advisory: CVE-2015-1210
  Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2015-1210
  CVSS severity score: 5/10.0
  Confidence: high
  Description:

The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the throwing of an exception, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
Advisory: CVE-2015-1211
  Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2015-1211
  CVSS severity score: 7.5/10.0
  Confidence: high
  Description:

The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_worker_dispatcher_host.cc in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android does not properly restrict the URI scheme during a ServiceWorker registration, which allows remote attackers to gain privileges via a filesystem: URI.
Advisory: CVE-2015-1212
  Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2015-1212
  CVSS severity score: 7.5/10.0
  Confidence: high
  Description:

Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

Comment 1 by nparker@chromium.org, Sep 11 2017

Mergedinto: 763646
Status: Duplicate (was: Untriaged)
Project Member

Comment 2 by sheriffbot@chromium.org, Dec 20 2017

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment