CVE-2014-3173

Publication date 26 August 2014

Last updated 24 July 2024


Ubuntu priority

The WebGL implementation in Google Chrome before 37.0.2062.94 does not ensure that clear calls interact properly with the state of a draw buffer, which allows remote attackers to cause a denial of service (read of uninitialized memory) via a crafted CANVAS element, related to gpu/command_buffer/service/framebuffer_manager.cc and gpu/command_buffer/service/gles2_cmd_decoder.cc.

Status

Package Ubuntu Release Status
chromium-browser 14.04 LTS trusty
Fixed 37.0.2062.94-0ubuntu0.14.04.1~pkg1042
12.04 LTS precise
Fixed 37.0.2062.94-0ubuntu0.12.04.1~pkg909
10.04 LTS lucid Ignored end of life
oxide-qt 14.04 LTS trusty
Fixed 1.1.2-0ubuntu0.14.04.1
12.04 LTS precise Not in release
10.04 LTS lucid Not in release