CVE-2014-3165

Published: 13 August 2014

Use-after-free vulnerability in modules/websockets/WorkerThreadableWebSocketChannel.cpp in the Web Sockets implementation in Blink, as used in Google Chrome before 36.0.1985.143, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an unexpectedly long lifetime of a temporary object during method completion.

Priority

Medium

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
Upstream
Released (36.0.1985.143)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [37.0.2062.94-0ubuntu0.14.04.1~pkg1042])
oxide-qt
Launchpad, Ubuntu, Debian
Upstream
Released (1.0.5)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [1.0.5-0ubuntu0.14.04.1])