CVE-2015-1258
Published: 20 May 2015
Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame size in VP9 video data.
Notes
| Author | Note |
|---|---|
| mdeslaur | build parameter is specific for chrome build |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
chromium-browser Launchpad, Ubuntu, Debian |
precise |
Ignored
|
| trusty |
Released
(43.0.2357.81-0ubuntu0.14.04.1.1089)
|
|
| upstream |
Released
(43.0.2357.65)
|
|
| utopic |
Released
(43.0.2357.81-0ubuntu0.14.10.1.1131)
|
|
| vivid |
Released
(43.0.2357.81-0ubuntu0.15.04.1.1170)
|
|
| wily |
Released
(43.0.2357.81-0ubuntu1.1179)
|
|
|
libvpx Launchpad, Ubuntu, Debian |
precise |
Not vulnerable
|
| trusty |
Not vulnerable
|
|
| upstream |
Not vulnerable
|
|
| utopic |
Not vulnerable
|
|
| vivid |
Not vulnerable
|
|
| wily |
Not vulnerable
|
|
|
Patches: upstream: https://github.com/webmproject/libvpx/commit/943e43273b0a7369d07714e7fd2e19fecfb11c7c |
||
|
oxide-qt Launchpad, Ubuntu, Debian |
precise |
Does not exist
|
| trusty |
Released
(1.7.8-0ubuntu0.14.04.1)
|
|
| upstream |
Released
(1.7.8)
|
|
| utopic |
Released
(1.7.8-0ubuntu0.14.10.1)
|
|
| vivid |
Released
(1.7.8-0ubuntu0.15.04.1)
|
|
| wily |
Released
(1.7.8-0ubuntu1)
|
|