CVE-2015-4484

Publication date 11 August 2015

Last updated 24 July 2024


Ubuntu priority

The js::jit::AssemblerX86Shared::lock_addl function in the JavaScript implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to cause a denial of service (application crash) by leveraging the use of shared memory and accessing (1) an Atomics object or (2) a SharedArrayBuffer object.

Status

Package Ubuntu Release Status
firefox 15.04 vivid
Fixed 40.0+build4-0ubuntu0.15.04.1
14.04 LTS trusty
Fixed 40.0+build4-0ubuntu0.14.04.1
12.04 LTS precise
Fixed 40.0+build4-0ubuntu0.12.04.1

References

Related Ubuntu Security Notices (USN)

    • USN-2702-1
    • Firefox vulnerabilities
    • 11 August 2015

Other references