Bug 1101056 (CVE-2014-3152) - CVE-2014-3152 v8: integer underflow fixed in Google Chrome 35.0.1916.114
Summary: CVE-2014-3152 v8: integer underflow fixed in Google Chrome 35.0.1916.114
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2014-3152
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1101057 1101058
Blocks: 1091840
TreeView+ depends on / blocked
 
Reported: 2014-05-26 02:52 UTC by Murray McAllister
Modified: 2020-11-05 10:33 UTC (History)
50 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-06-16 19:13:50 UTC
Embargoed:

Attachments (Terms of Use)

Description Murray McAllister 2014-05-26 02:52:56 UTC 
Common Vulnerabilities and Exposures assigned an identifier CVE-2014-3152 to
the following vulnerability:

Name: CVE-2014-3152
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3152
Assigned: 20140503
Reference: http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html
Reference: https://code.google.com/p/chromium/issues/detail?id=358057
Reference: https://code.google.com/p/v8/source/detail?r=20363

Integer underflow in the LCodeGen::PrepareKeyedOperand function in
arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in
Google Chrome before 35.0.1916.114, allows remote attackers to cause a
denial of service or possibly have unspecified other impact via
vectors that trigger a negative key value.

It is not clear if the version in Fedora is affected or not.
Comment 1 Murray McAllister 2014-05-26 02:54:55 UTC 
Created v8 tracking bugs for this issue:

Affects: fedora-all [bug 1101057]
Affects: epel-6 [bug 1101058]
Comment 2 Tomas Hoger 2014-06-16 19:13:50 UTC 
This issue is in the ARM-specific code, hence this does not affect any Red Hat product.
Note You need to log in before you can comment on or make changes to this bug.