CVE-2013-2905

Publication date 21 August 2013

Last updated 24 July 2024

Ubuntu priority

Description

The SharedMemory::Create function in memory/shared_memory_posix.cc in Google Chrome before 29.0.1547.57 uses weak permissions under /dev/shm/, which allows attackers to obtain sensitive information via direct access to a POSIX shared-memory file.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
chromium-browser	13.10 saucy	Not affected
	13.04 raring	Fixed 30.0.1599.114-0ubuntu0.13.04.2
	12.10 quantal	Fixed 30.0.1599.114-0ubuntu0.12.10.2
	12.04 LTS precise	Fixed 30.0.1599.114-0ubuntu0.12.04.3
	10.04 LTS lucid	Ignored end of life

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://src.chromium.org/viewvc/chrome?revision=209814&view=revision
http://googlechromereleases.blogspot.com/2013/08/stable-channel-update.html
http://crbug.com/254159
https://www.cve.org/CVERecord?id=CVE-2013-2905