CVE-2016-1647

Published: 29 March 2016

Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy function in content/browser/renderer_host/render_widget_host_impl.cc in the Navigation implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Priority

Medium

CVSS 3 base score: 8.8

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
Upstream
Released (49.0.2623.108)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (49.0.2623.108-0ubuntu1.1233)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [49.0.2623.108-0ubuntu0.14.04.1.1113])
oxide-qt
Launchpad, Ubuntu, Debian
Upstream
Released (1.13.10)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (1.14.7-0ubuntu1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [1.14.7-0ubuntu0.14.04.1])