Red Hat Bugzilla – Bug 1086120
CVE-2014-1729 v8: multiple unspecified vulnerabilities fixed in Google Chrome 34.0.1847.116
Last modified: 2016-04-26 11:12:49 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2014-1729 to the following vulnerability: Name: CVE-2014-1729 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1729 Assigned: 20140129 Reference: http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html Reference: https://code.google.com/p/chromium/issues/detail?id=345820 Reference: https://code.google.com/p/chromium/issues/detail?id=347262 Reference: https://code.google.com/p/chromium/issues/detail?id=348319 Reference: https://code.google.com/p/chromium/issues/detail?id=350863 Reference: https://code.google.com/p/chromium/issues/detail?id=352982 Reference: https://code.google.com/p/chromium/issues/detail?id=355586 Reference: https://code.google.com/p/chromium/issues/detail?id=358059 Reference: https://code.google.com/p/v8/source/detail?r=19572 Reference: https://code.google.com/p/v8/source/detail?r=19584 Reference: https://code.google.com/p/v8/source/detail?r=19923 Reference: https://code.google.com/p/v8/source/detail?r=20033 Reference: https://code.google.com/p/v8/source/detail?r=20345 Reference: https://code.google.com/p/v8/source/detail?r=20409 Multiple unspecified vulnerabilities in Google V8 before 3.24.35.22, as used in Google Chrome before 34.0.1847.116, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. This is possibly impact moderate or low with the way v8 is used in Red Hat products and Fedora. Investigation ongoing.
Created v8 tracking bugs for this issue: Affects: fedora-all [bug 1086123] Affects: epel-6 [bug 1086124]
https://code.google.com/p/chromium/issues/detail?id=345820 https://code.google.com/p/v8/source/detail?r=19549 https://code.google.com/p/chromium/issues/detail?id=347262 https://code.google.com/p/v8/source/detail?r=19584 Not applicable to v8 3.14. Upstream bugs suggest only Chrome version 34 was affected by these issues. https://code.google.com/p/chromium/issues/detail?id=348319 https://code.google.com/p/v8/source/detail?r=19676 Not applicable to v8 3.14. Upstream bug does not mention any Chrome version prior 34 as affected. https://code.google.com/p/chromium/issues/detail?id=350863 https://code.google.com/p/v8/source/detail?r=19923 Private bug report. This is a follow-up fix for one of the issues under CVE-2013-6668 / bug 1074737. https://code.google.com/p/chromium/issues/detail?id=352982 https://code.google.com/p/v8/source/detail?r=20033 https://code.google.com/p/chromium/issues/detail?id=355586 https://code.google.com/p/v8/source/detail?r=20345 https://code.google.com/p/chromium/issues/detail?id=358059 https://code.google.com/p/v8/source/detail?r=20409 Private upstream bug reports. Fixes not applicable to v8 3.14.
(In reply to Tomas Hoger from comment #2) > https://code.google.com/p/chromium/issues/detail?id=350863 > https://code.google.com/p/v8/source/detail?r=19923 > > Private bug report. This is a follow-up fix for one of the issues under > CVE-2013-6668 / bug 1074737. This issue is not reproducible with v8 3.14. The Hydrogen CFG generated by 3.24/3.25 where this issue was corrected is significantly different form the 3.14 output. 3.14 does not seem affected by this issue.