Bug 1091838 (CVE-2014-1735)

Summary: CVE-2014-1735 v8: multiple vulnerabilities fixed in Google Chrome 34.0.1847.131
Product: [Other] Security Response
Reporter: Murray McAllister <mmcallis>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG
Severity: medium
Priority: medium
Version: unspecified
CC: abaron, aortega, apevec, ayoung, bdunne, bgollahe, bkearney, bleanhar, cbillett, ccoleman, chrisw, cpelland, dajohnso, dclarizi, dmcphers, drieden, gkotton, gmccullo, jdetiber, jfrey, jialiu, jkeck, jokerman, jomara, jorton, jprause, jrafanie, katello-bugs, kseifried, lhh, lmeyer, markmc, mfeifer, mmaslano, mmccomas, mmccune, mmcgrath, obarenbo, rbryant, rhos-maint, sclewis, tcallawa, tchollingsworth, thrcka, tjay, tomckay, tomspur, vdanen, xlecauch, yeylon
Keywords: Security
Hardware: All
OS: Linux
Doc Type: Bug Fix
Last Closed: 2014-08-06 14:06:19 UTC
Bug Blocks: 1091840

Description Murray McAllister 2014-04-28 07:32:06 UTC
Common Vulnerabilities and Exposures assigned an identifier CVE-2014-1735 to
the following vulnerability:

Name: CVE-2014-1735
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1735
Assigned: 20140129
Reference: http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html
Reference: https://code.google.com/p/chromium/issues/detail?id=359130
Reference: https://code.google.com/p/chromium/issues/detail?id=359525
Reference: https://code.google.com/p/chromium/issues/detail?id=360429
Reference: https://code.google.com/p/v8/source/detail?r=20501
Reference: https://code.google.com/p/v8/source/detail?r=20622
Reference: https://code.google.com/p/v8/source/detail?r=20624
Reference: https://src.chromium.org/viewvc/blink?revision=171077&view=revision
Reference: https://src.chromium.org/viewvc/blink?revision=171127&view=revision

Multiple unspecified vulnerabilities in Google V8 before 3.24.35.33,
as used in Google Chrome before 34.0.1847.131 on Windows and OS X and
before 34.0.1847.132 on Linux, allow attackers to cause a denial of
service or possibly have other impact via unknown vectors.

It appears as though the Fedora packages may not be affected.

Comment 1 Tomas Hoger 2014-06-16 19:58:38 UTC
https://code.google.com/p/chromium/issues/detail?id=359525
https://code.google.com/p/v8/source/detail?r=20501

This fix is not applicable to v8 3.14.

https://code.google.com/p/chromium/issues/detail?id=359130
https://src.chromium.org/viewvc/blink?revision=171077&view=revision

https://code.google.com/p/chromium/issues/detail?id=360429
https://src.chromium.org/viewvc/blink?revision=171127&view=revision

These bugs are still non-public.  There does not seem to be any v8 commit referring to those bug ids.  They are only referenced by the linked blink commits, which are not applicable to v8.  We're currently unable to determine if there may be any fix applicable to v8 in Fedora and Red Hat products.

Comment 2 Tomas Hoger 2014-08-06 14:06:19 UTC
(In reply to Tomas Hoger from comment #1)
> https://code.google.com/p/chromium/issues/detail?id=359130
> https://src.chromium.org/viewvc/blink?revision=171077&view=revision
> 
> https://code.google.com/p/chromium/issues/detail?id=360429
> https://src.chromium.org/viewvc/blink?revision=171127&view=revision
> 
> These bugs are still non-public.  There does not seem to be any v8 commit
> referring to those bug ids.  They are only referenced by the linked blink
> commits, which are not applicable to v8. 

Bugs are public now.  They only refer to Blink and hence are not applicable to v8.