USN-2735-1: Oxide vulnerabilities

8 September 2015

Several security issues were fixed in Oxide.

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Releases

Packages

  • oxide-qt - Web browser engine library for Qt (QML plugin)

Details

It was discovered that the DOM tree could be corrupted during parsing in
some circumstances. If a user were tricked in to opening a specially
crafted website, an attacker could potentially exploit this to bypass
same-origin restrictions or cause a denial of service. (CVE-2015-1291)

An issue was discovered in NavigatorServiceWorker::serviceWorker in Blink.
If a user were tricked in to opening a specially crafted website, an
attacker could potentially exploit this to bypass same-origin
restrictions. (CVE-2015-1292)

An issue was discovered in the DOM implementation in Blink. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit this to bypass same-origin restrictions.
(CVE-2015-1293)

A use-after-free was discovered in Skia. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
this to cause a denial of service via renderer crash, or execute arbitrary
code with the privileges of the sandboxed render process. (CVE-2015-1294)

A use-after-free was discovered in the shared-timer implementation in
Blink. If a user were tricked in to opening a specially crafted website,
an attacker could potentially exploit this to cause a denial of service
via renderer crash, or execute arbitrary code with the privileges of the
sandboxed render process. (CVE-2015-1299)

It was discovered that the availability of iframe Resource Timing API
times was not properly restricted in some circumstances. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit this to obtain sensitive information. (CVE-2015-1300)

Multiple security issues were discovered in Chromium. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to read uninitialized memory, cause a denial
of service via application crash or execute arbitrary code with the
privileges of the user invoking the program. (CVE-2015-1301)

A heap corruption issue was discovered in oxide::JavaScriptDialogManager.
If a user were tricked in to opening a specially crafted website, an
attacker could potentially exploit this to cause a denial of service via
application crash, or execute arbitrary code with the privileges of the
user invoking the program. (CVE-2015-1332)

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 15.04
Ubuntu 14.04

In general, a standard system update will make all the necessary changes.